Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/carlspring/vertx-vulns
This repository is a collection of vulnerable code examples for Vert.X.
security vertx vulnerabilities vulnerability-detection
Last synced: 17 days ago
- Host: GitHub
- URL: https://github.com/carlspring/vertx-vulns
- Owner: carlspring
- Created: 2023-05-03T13:11:26.000Z (almost 2 years ago)
- Default Branch: master
- Last Pushed: 2024-05-24T15:44:09.000Z (9 months ago)
- Last Synced: 2024-11-21T22:42:06.863Z (3 months ago)
- Topics: security, vertx, vulnerabilities, vulnerability-detection
- Language: Java
- Homepage:
- Size: 114 KB
- Stars: 0
- Watchers: 3
- Forks: 1
- Open Issues: 8
Metadata Files:
- Readme: README.md
README
This is a repository that contains examples of vulnerable Vert.X code.
The goal is to collect enough security anti-patterns to build up rule sets for SAST tools.

The code examples should be:
- As simple as possible, so that they can be easily understood and used as a reference.
- Implemented for versions >= 4.4.x of Vert.X.

# Contributing Code Examples
If you want to contribute a code example, please, try following these guidelines to the extent possible:
* Create an issue describing the anti-pattern that you want to demonstrate, if one does not exist already.
* Create a new class (or classes) that demonstrates the anti-pattern.
* Use the `Insecure` prefix to illustrate the anti-pattern.
* Create a new class (or classes) that demonstrates the secure way of doing the same thing.
* Use the `Secure` prefix to illustrate the correct and secure way.
* Add sufficient comments to the code to explain the anti-pattern and the secure way.
* If necessary, update the Gradle dependencies accordingly.
* If at all possible, provide test cases.