vrt 0.11.0 → 0.12.2

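--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 3e72aff10fc7d7e4541d82abe72ea1a27d15bf081f0680486bacf8dad8e24401
- data.tar.gz: 9f36f73bdb60ffa38c54b0b3d77070e54bbea90040460f70178db30ac9f6cd6c
+ metadata.gz: '0169fa5eefe3b7456890c719833414d3d3871d2223d0e9bad91f3c0b71ec378a'
+ data.tar.gz: a90d78493102d131fe1ae6ffd7d6d914b261d413f8d1c5ce1950d158e90ce374
  SHA512:
- metadata.gz: c669431d70441701c9a648304d077b1d9675c83895430d0b396f42d32d9856ecc303619e710e563642cc1bf18dde41ec36d8dbe009ac1e12da7abe4419d100a5
- data.tar.gz: 55ec6e249e5371bea5a8adbba3eeb8a026b504b9f8b4de6ce4d369e7d8a5b33de752d0c5414b3fb7c2cba23cfbd653aa940689dfd4010dc55d8a4909727feae6
+ metadata.gz: 3189b3406628826082d23f721dad49d8fef33f420ab0b41ca2e1b206479542f5f536174a9a7737b44a44ee153af86b705d98106a82954d3e347ff772fa458f59
+ data.tar.gz: b4f1db59ecbe5bc0c7ef69fe9df785583bb26edb6739f06260178ad15014f8b4110b1cbc5697c389a737239671b516df54b72841916b95fe4a2aa16f08efa9d9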
@@ -0,0 +1,236 @@
1
+ {
2
+ "poor_physical_security": {
3
+ "1.1": "other"
4
+ },
5
+ "social_engineering": {
6
+ "1.1": "other"
7
+ },
8
+ "unvalidated_redirects_and_forwards.open_redirect.get_based_all_users": {
9
+ "1.2": "unvalidated_redirects_and_forwards.open_redirect.get_based"
10
+ },
11
+ "unvalidated_redirects_and_forwards.open_redirect.get_based_authenticated": {
12
+ "1.2": "unvalidated_redirects_and_forwards.open_redirect.get_based"
13
+ },
14
+ "unvalidated_redirects_and_forwards.open_redirect.get_based_unauthenticated": {
15
+ "1.2": "unvalidated_redirects_and_forwards.open_redirect.get_based"
16
+ },
17
+ "broken_authentication_and_session_management.session_token_in_url.over_https": {
18
+ "1.2": "sensitive_data_exposure.sensitive_token_in_url"
19
+ },
20
+ "broken_authentication_and_session_management.session_token_in_url.over_http": {
21
+ "1.2": "sensitive_data_exposure.sensitive_token_in_url"
22
+ },
23
+ "broken_authentication_and_session_management.session_token_in_url": {
24
+ "1.2": "sensitive_data_exposure.sensitive_token_in_url"
25
+ },
26
+ "insecure_data_transport": {
27
+ "1.2": "mobile_security_misconfiguration"
28
+ },
29
+ "insecure_data_transport.ssl_certificate_pinning": {
30
+ "1.2": "mobile_security_misconfiguration.ssl_certificate_pinning"
31
+ },
32
+ "insecure_data_transport.ssl_certificate_pinning.absent": {
33
+ "1.2": "mobile_security_misconfiguration.ssl_certificate_pinning.absent"
34
+ },
35
+ "insecure_data_transport.ssl_certificate_pinning.defeatable": {
36
+ "1.2": "mobile_security_misconfiguration.ssl_certificate_pinning.defeatable"
37
+ },
38
+ "insecure_data_storage.credentials_stored_unencrypted": {
39
+ "1.2": "insecure_data_storage.sensitive_application_data_stored_unencrypted"
40
+ },
41
+ "insecure_data_storage.credentials_stored_unencrypted.on_external_storage": {
42
+ "1.2": "insecure_data_storage.sensitive_application_data_stored_unencrypted.on_external_storage"
43
+ },
44
+ "insecure_data_storage.credentials_stored_unencrypted.on_internal_storage": {
45
+ "1.2": "insecure_data_storage.sensitive_application_data_stored_unencrypted.on_internal_storage"
46
+ },
47
+ "insufficient_security_configurability.weak_password_policy.complexity_both_length_and_char_type_not_enforced": {
48
+ "1.2": "insufficient_security_configurability.no_password_policy"
49
+ },
50
+ "missing_function_level_access_control": {
51
+ "1.3": "broken_access_control"
52
+ },
53
+ "missing_function_level_access_control.server_side_request_forgery_ssrf": {
54
+ "1.3": "broken_access_control.server_side_request_forgery_ssrf"
55
+ },
56
+ "missing_function_level_access_control.server_side_request_forgery_ssrf.internal": {
57
+ "1.3": "broken_access_control.server_side_request_forgery_ssrf.internal"
58
+ },
59
+ "missing_function_level_access_control.server_side_request_forgery_ssrf.external": {
60
+ "1.3": "broken_access_control.server_side_request_forgery_ssrf.external"
61
+ },
62
+ "missing_function_level_access_control.username_enumeration": {
63
+ "1.3": "broken_access_control.username_enumeration"
64
+ },
65
+ "missing_function_level_access_control.username_enumeration.data_leak": {
66
+ "1.3": "broken_access_control.username_enumeration.data_leak"
67
+ },
68
+ "missing_function_level_access_control.exposed_sensitive_android_intent": {
69
+ "1.3": "broken_access_control.exposed_sensitive_android_intent"
70
+ },
71
+ "missing_function_level_access_control.exposed_sensitive_ios_url_scheme": {
72
+ "1.3": "broken_access_control.exposed_sensitive_ios_url_scheme"
73
+ },
74
+ "insecure_direct_object_references_idor": {
75
+ "1.3": "broken_access_control.idor"
76
+ },
77
+ "broken_authentication_and_session_management.weak_login_function.over_http": {
78
+ "1.4": "broken_authentication_and_session_management.weak_login_function.https_not_available_or_http_by_default"
79
+ },
80
+ "cross_site_scripting_xss.ie_only.older_version_ie_10_11": {
81
+ "1.4": "cross_site_scripting_xss.ie_only.ie11"
82
+ },
83
+ "cross_site_scripting_xss.ie_only.older_version_ie10": {
84
+ "1.4": "cross_site_scripting_xss.ie_only.older_version_ie11"
85
+ },
86
+ "broken_authentication_and_session_management.failure_to_invalidate_session.on_password_reset": {
87
+ "1.4": "broken_authentication_and_session_management.failure_to_invalidate_session.on_password_change"
88
+ },
89
+ "network_security_misconfiguration.telnet_enabled.credentials_required": {
90
+ "1.4": "broken_authentication_and_session_management.weak_login_function.other_plaintext_protocol_no_secure_alternative"
91
+ },
92
+ "server_security_misconfiguration.mail_server_misconfiguration.missing_spf_on_email_domain": {
93
+ "1.5": "server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_on_email_domain"
94
+ },
95
+ "server_security_misconfiguration.mail_server_misconfiguration.email_spoofable_via_third_party_api_misconfiguration": {
96
+ "1.5": "server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_on_email_domain"
97
+ },
98
+ "cross_site_scripting_xss.stored.admin_to_anyone": {
99
+ "1.5": "cross_site_scripting_xss.stored.privileged_user_to_privilege_elevation"
100
+ },
101
+ "server_security_misconfiguration.misconfigured_dns.subdomain_takeover": {
102
+ "1.5": "server_security_misconfiguration.misconfigured_dns.basic_subdomain_takeover"
103
+ },
104
+ "server_security_misconfiguration.captcha_bypass": {
105
+ "1.5": "server_security_misconfiguration.captcha"
106
+ },
107
+ "server_security_misconfiguration.captcha_bypass.implementation_vulnerability": {
108
+ "1.5": "server_security_misconfiguration.captcha.implementation_vulnerability"
109
+ },
110
+ "server_security_misconfiguration.captcha_bypass.brute_force": {
111
+ "1.5": "server_security_misconfiguration.captcha.brute_force"
112
+ },
113
+ "broken_access_control.server_side_request_forgery_ssrf.internal": {
114
+ "1.6": "broken_access_control.server_side_request_forgery_ssrf.internal_high_impact"
115
+ },
116
+ "server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_on_email_domain": {
117
+ "1.6": "server_security_misconfiguration.mail_server_misconfiguration.no_spoofing_protection_on_email_domain"
118
+ },
119
+ "server_security_misconfiguration.mail_server_misconfiguration.missing_spf_on_non_email_domain": {
120
+ "1.6": "server_security_misconfiguration.mail_server_misconfiguration.missing_or_misconfigured_spf_and_or_dkim"
121
+ },
122
+ "server_security_misconfiguration.mail_server_misconfiguration.spf_uses_a_soft_fail": {
123
+ "1.6": "server_security_misconfiguration.mail_server_misconfiguration.missing_or_misconfigured_spf_and_or_dkim"
124
+ },
125
+ "server_security_misconfiguration.mail_server_misconfiguration.spf_includes_10_lookups": {
126
+ "1.6": "server_security_misconfiguration.mail_server_misconfiguration.missing_or_misconfigured_spf_and_or_dkim"
127
+ },
128
+ "server_security_misconfiguration.mail_server_misconfiguration.missing_dmarc": {
129
+ "1.6": "server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_to_inbox_due_to_missing_or_misconfigured_dmarc_on_email_domain"
130
+ },
131
+ "broken_access_control.username_enumeration.data_leak": {
132
+ "1.7": "broken_access_control.username_enumeration.non_brute_force"
133
+ },
134
+ "insufficient_security_configurability.weak_2fa_implementation": {
135
+ "1.7": "insufficient_security_configurability.weak_two_fa_implementation"
136
+ },
137
+ "sensitive_data_exposure.token_leakage_via_referer.trusted_3rd_party": {
138
+ "1.7": "sensitive_data_exposure.token_leakage_via_referer.trusted_third_party"
139
+ },
140
+ "sensitive_data_exposure.token_leakage_via_referer.untrusted_3rd_party": {
141
+ "1.7": "sensitive_data_exposure.token_leakage_via_referer.untrusted_third_party"
142
+ },
143
+ "cross_site_scripting_xss.ie_only.ie11": {
144
+ "1.7": "cross_site_scripting_xss.ie_only.ie_eleven"
145
+ },
146
+ "cross_site_scripting_xss.ie_only.older_version_ie11": {
147
+ "1.7": "cross_site_scripting_xss.ie_only.older_version_ie_eleven"
148
+ },
149
+ "sensitive_data_exposure.critically_sensitive_data.password_disclosure": {
150
+ "1.9": "sensitive_data_exposure.disclosure_of_secrets"
151
+ },
152
+ "sensitive_data_exposure.critically_sensitive_data.private_api_keys": {
153
+ "1.9": "sensitive_data_exposure.disclosure_of_secrets"
154
+ },
155
+ "sensitive_data_exposure.critically_sensitive_data": {
156
+ "1.9": "sensitive_data_exposure"
157
+ },
158
+ "insufficient_security_configurability.lack_of_verification_email": {
159
+ "1.10": "insufficient_security_configurability.verification_of_contact_method_not_required"
160
+ },
161
+ "broken_authentication_and_session_management.weak_login_function.https_not_available_or_http_by_default": {
162
+ "1.10": "broken_authentication_and_session_management.weak_login_function.over_http"
163
+ },
164
+ "broken_authentication_and_session_management.weak_login_function.http_and_https_available": {
165
+ "1.10": "broken_authentication_and_session_management.weak_login_function.over_http"
166
+ },
167
+ "broken_authentication_and_session_management.weak_login_function.lan_only": {
168
+ "1.10": "broken_authentication_and_session_management.weak_login_function.over_http"
169
+ },
170
+ "cross_site_request_forgery_csrf.flash_based.high_impact": {
171
+ "1.10": "cross_site_request_forgery_csrf.flash_based"
172
+ },
173
+ "cross_site_request_forgery_csrf.flash_based.low_impact": {
174
+ "1.10": "cross_site_request_forgery_csrf.flash_based"
175
+ },
176
+ "automotive_security_misconfiguration.infotainment": {
177
+ "1.10": "automotive_security_misconfiguration.infotainment_radio_head_unit"
178
+ },
179
+ "automotive_security_misconfiguration.infotainment.pii_leakage": {
180
+ "1.10": "automotive_security_misconfiguration.infotainment_radio_head_unit.pii_leakage"
181
+ },
182
+ "automotive_security_misconfiguration.infotainment.code_execution_can_bus_pivot": {
183
+ "1.10": "automotive_security_misconfiguration.infotainment_radio_head_unit.code_execution_can_bus_pivot"
184
+ },
185
+ "automotive_security_misconfiguration.infotainment.code_execution_no_can_bus_pivot": {
186
+ "1.10": "automotive_security_misconfiguration.infotainment_radio_head_unit.code_execution_no_can_bus_pivot"
187
+ },
188
+ "automotive_security_misconfiguration.infotainment.unauthorized_access_to_services": {
189
+ "1.10": "automotive_security_misconfiguration.infotainment_radio_head_unit.unauthorized_access_to_services"
190
+ },
191
+ "automotive_security_misconfiguration.infotainment.source_code_dump": {
192
+ "1.10": "automotive_security_misconfiguration.infotainment_radio_head_unit.source_code_dump"
193
+ },
194
+ "automotive_security_misconfiguration.infotainment.dos_brick": {
195
+ "1.10": "automotive_security_misconfiguration.infotainment_radio_head_unit.dos_brick"
196
+ },
197
+ "automotive_security_misconfiguration.infotainment.default_credentials": {
198
+ "1.10": "automotive_security_misconfiguration.infotainment_radio_head_unit.default_credentials"
199
+ },
200
+ "broken_cryptography": {
201
+ "1.11": "other"
202
+ },
203
+ "broken_cryptography.cryptographic_flaw": {
204
+ "1.11": "other"
205
+ },
206
+ "broken_cryptography.cryptographic_flaw.incorrect_usage": {
207
+ "1.11": "other"
208
+ },
209
+ "cross_site_scripting_xss.ie_only.ie_eleven": {
210
+ "1.11": "other"
211
+ },
212
+ "cross_site_scripting_xss.ie_only.older_version_ie_eleven": {
213
+ "1.11": "cross_site_scripting_xss.ie_only"
214
+ },
215
+ "cross_site_scripting_xss.ie_only.xss_filter_disabled": {
216
+ "1.11": "other"
217
+ },
218
+ "automotive_security_misconfiguration.infotainment_radio_head_unit.pii_leakage": {
219
+ "1.11": "automotive_security_misconfiguration.infotainment_radio_head_unit.sensitive_data_leakage_exposure"
220
+ },
221
+ "broken_access_control.server_side_request_forgery_ssrf": {
222
+ "1.11": "server_security_misconfiguration.server_side_request_forgery_ssrf"
223
+ },
224
+ "broken_access_control.server_side_request_forgery_ssrf.internal_high_impact": {
225
+ "1.11": "server_security_misconfiguration.server_side_request_forgery_ssrf.internal_high_impact"
226
+ },
227
+ "broken_access_control.server_side_request_forgery_ssrf.internal_scan_and_or_medium_impact": {
228
+ "1.11": "server_security_misconfiguration.server_side_request_forgery_ssrf.internal_scan_and_or_medium_impact"
229
+ },
230
+ "broken_access_control.server_side_request_forgery_ssrf.dns_query_only": {
231
+ "1.11": "server_security_misconfiguration.server_side_request_forgery_ssrf.external_dns_query_only"
232
+ },
233
+ "broken_access_control.server_side_request_forgery_ssrf.external": {
234
+ "1.11": "server_security_misconfiguration.server_side_request_forgery_ssrf.external_low_impact"
235
+ }
236
+ }
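Review bot: The version keys in this new mapping have to be compared as dotted version numbers, because both `"1.1"` (under `poor_physical_security`) and `"1.10"` (under `cross_site_request_forgery_csrf.flash_based.high_impact`) occur, and a float or plain string comparison would conflate or misorder them. The table also maps `broken_authentication_and_session_management.weak_login_function.over_http` to `...https_not_available_or_http_by_default` at `"1.4"` and maps that ID back to `...over_http` at `"1.10"`, so a resolver that follows renames without regard to version would not terminate; the consuming code is not shown on this page, so it is worth confirming that it applies only entries newer than the version recorded with the finding. Several IDs end at `"other"` (for example `broken_cryptography` at `"1.11"`), which presumably discards the category-specific baseline priority, so triage tooling should store the original ID alongside the mapped one.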