bigspotteddog / WebGoat Public

forked from sonatype/WebGoat

Notifications You must be signed in to change notification settings
Fork 5
Star 0

Code
Issues 48
Pull requests 2
Actions
Projects
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights

Issues: bigspotteddog/WebGoat

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

48 Open 432 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Assigned to nobody

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Issues list

[DepShield] taglibs:standard:1.1.2 is vulnerable to [CVE-2015-0254] Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrar...

#480 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] org.springframework:spring-webmvc:3.2.4.RELEASE is vulnerable to [CVE-2014-0054] Cross-Site Request Forgery (CSRF)

#479 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] org.springframework:spring-webmvc:3.2.4.RELEASE is vulnerable to [CVE-2014-3578] Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal")

#478 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] org.springframework:spring-core:3.2.4.RELEASE is vulnerable to [CVE-2014-0054] Cross-Site Request Forgery (CSRF)

#477 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] org.springframework:spring-core:3.2.4.RELEASE is vulnerable to [CVE-2018-1272] Permissions, Privileges, and Access Controls

#476 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] javax.servlet:jstl:1.2 is vulnerable to [CVE-2015-0254] Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrar...

#475 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] javax.mail:mail:1.4.2 is vulnerable to CWE-200: Information Exposure

#474 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] commons-fileupload:commons-fileupload:1.2.2 is vulnerable to [CVE-2014-0050] Permissions, Privileges, and Access Controls

#473 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] commons-fileupload:commons-fileupload:1.2.2 is vulnerable to [CVE-2016-1000031] Improper Access Control

#472 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] commons-fileupload:commons-fileupload:1.2.2 is vulnerable to [CVE-2016-3092] Improper Input Validation

#471 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] commons-fileupload:commons-fileupload:1.2.2 is vulnerable to [CVE-2013-0248] Permissions, Privileges, and Access Controls

#470 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] commons-collections:commons-collections:3.1 is vulnerable to [CVE-2015-6420] Serialized-object interfaces in certain Cisco Collaboration and Social Media; En...

#469 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] commons-collections:commons-collections:3.1 is vulnerable to [CVE-2017-15708] In Apache Synapse, by default no authentication is required for Java Remote Meth...

#468 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] com.fasterxml.jackson.core:jackson-databind:2.0.4 is vulnerable to [CVE-2017-17485] Improper Control of Generation of Code ("Code Injection")

#467 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] com.fasterxml.jackson.core:jackson-databind:2.0.4 is vulnerable to [CVE-2017-7525] Deserialization of Untrusted Data

#466 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] com.fasterxml.jackson.core:jackson-databind:2.0.4 is vulnerable to [CVE-2017-15095] Deserialization of Untrusted Data

#465 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] com.fasterxml.jackson.core:jackson-databind:2.0.4 is vulnerable to [CVE-2018-7489] Incomplete Blacklist, Deserialization of Untrusted Data

#464 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] com.fasterxml.jackson.core:jackson-databind:2.0.4 is vulnerable to [CVE-2018-5968] Incomplete Blacklist, Deserialization of Untrusted Data

#463 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] axis:axis:1.2 is vulnerable to [CVE-2012-5784] Improper Input Validation

#462 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] axis:axis:1.2 is vulnerable to [CVE-2014-3596] The getCN function in Apache Axis 1.4 and earlier does not properly verify that ...

#461 opened Oct 19, 2018 by jcava-depshield bot

[DepShield] taglibs:standard:1.1.2 is vulnerable to [CVE-2015-0254] Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrar...

#460 opened Aug 31, 2018 by sonatype-depshield-ci bot

[DepShield] org.springframework:spring-core:3.2.4.RELEASE is vulnerable to [CVE-2018-1272] Permissions, Privileges, and Access Controls

#459 opened Aug 31, 2018 by sonatype-depshield-ci bot

[DepShield] javax.servlet:jstl:1.2 is vulnerable to [CVE-2015-0254] Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrar...

#458 opened Aug 31, 2018 by sonatype-depshield-ci bot

[DepShield] commons-fileupload:commons-fileupload:1.2.2 is vulnerable to [CVE-2014-0050] Permissions, Privileges, and Access Controls

#457 opened Aug 31, 2018 by sonatype-depshield-ci bot

[DepShield] commons-fileupload:commons-fileupload:1.2.2 is vulnerable to [CVE-2016-1000031] Improper Access Control

#456 opened Aug 31, 2018 by sonatype-depshield-ci bot

Previous 1 2 Next

Previous Next

ProTip! Mix and match filters to narrow down what you’re looking for.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly