Delete WAF bypass vulnerabilities (out of scope) (#261)
* Delete vulnerabilities/azure-waf-bypass.yaml

* Delete vulnerabilities/aws-waf-sql-injection.yaml

* Update about.md
korniko98 authored Dec 26, 2023
1 parent 76a2ebb commit cc6eed9
Showing 3 changed files with 3 additions and 61 deletions.
4 changes: 3 additions & 1 deletion pages/about.md
Expand Up @@ -17,12 +17,14 @@ We define the following criteria for inclusion in this database:
4. And required remediation actions on either side of the shared responsibility model.

Examples include:
- Security issues in default misconfigurations
- Security issues affecting CSP-managed services
- Default misconfigurations of CSP-managed services
- Vulnerabilities in CSP-provided client software

We consider the following cases to be out of scope of this project:
- Cloud vulnerabilities or security issues about which there is no publicly available information
- CSP customer security incidents
- WAF bypass vulnerabilities

### History
This project was built on the foundations of [Scott Piper](https://twitter.com/0xdabbad00)’s [“Cloud Service Provider security mistakes”](https://github.com/SummitRoute/csp_security_mistakes), and as of June 28th, 2022, all content included here originally appeared in that repository.
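
Review bot: The new out-of-scope bullet "- WAF bypass vulnerabilities" at the end of the out-of-scope list can be read as conflicting with the example "- Security issues affecting CSP-managed services" a few lines above it, because the two entries deleted in this commit (aws-waf-sql-injection.yaml and azure-waf-bypass.yaml) are named after WAF offerings of the cloud providers themselves, which a contributor could reasonably count as CSP-managed services. Consider giving the reason for the exclusion in the bullet itself, for example by naming the inclusion criterion that a WAF bypass does not meet, so that it is clear which rule takes precedence when someone proposes a similar entry. Separately, the Check Spelling failure annotated on line 30 is for `xdabbad` in the unchanged History line, so this change does not introduce it; accepting the word as the check-spelling report suggests would clear it.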

Check failure on line 30 in pages/about.md

GitHub Actions / Check Spelling

`xdabbad` is not a recognized word. (unrecognized-spelling)
29 changes: 0 additions & 29 deletions vulnerabilities/aws-waf-sql-injection.yaml

This file was deleted.

31 changes: 0 additions & 31 deletions vulnerabilities/azure-waf-bypass.yaml

This file was deleted.

1 comment on commit cc6eed9

@github-actions
@check-spelling-bot Report

🔴 Please review

See the 📜action log or 📝 job summary for details.

Unrecognized words (10)

Amitai
amitaico
onug
QEr
Schindel
smqmo
thexplorer
VCNx
www
xdabbad

To accept these unrecognized words as correct, you could run the following commands

... in a clone of the git@github.com:wiz-sec/open-cvdb.git repository on the main branch (ℹ️ how do I use this?):

curl -s -S -L 'https://raw.githubusercontent.com/check-spelling/check-spelling/main/apply.pl' |
perl - 'https://github.com/wiz-sec/open-cvdb/actions/runs/7329294253/attempts/1'
Available 📚 dictionaries could cover words not in the 📘 dictionary
Dictionary Entries Covers Uniquely
cspell:powershell/dict/powershell.txt 91 1
cspell:css/dict/css.txt 263 1
cspell:software-terms/dict/softwareTerms.txt 1288 1

Consider adding them (in .github/workflows/spelling.yml) for uses: check-spelling/check-spelling@main in its with:

      with:
        extra_dictionaries:
          cspell:powershell/dict/powershell.txt
          cspell:css/dict/css.txt
          cspell:software-terms/dict/softwareTerms.txt

To stop checking additional dictionaries, add (in .github/workflows/spelling.yml) for uses: check-spelling/check-spelling@main in its with:

check_extra_dictionaries: ''
Errors (1)

See the 📜action log or 📝 job summary for details.

❌ Errors Count
❌ dictionary-not-found 3

See ❌ Event descriptions for more information.

If the flagged items are false positives

If items relate to a ...

  • binary file (or some other file you wouldn't want to check at all).

    Please add a file path to the excludes.txt file matching the containing file.

    File paths are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your files.

    ^ refers to the file's path from the root of the repository, so ^README\.md$ would exclude README.md (on whichever branch you're using).

  • well-formed pattern.

    If you can write a pattern that would match it,
    try adding it to the patterns.txt file.

    Patterns are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your lines.

    Note that patterns can't match multiline strings.
