Issues · presidentbeef/brakeman

presidentbeef / brakeman Public

Notifications
Fork 704
Star 6.4k

Code
Issues 84
Pull requests 10
Discussions
Actions
Wiki
Security
Insights

Code
Issues
Pull requests
Discussions
Actions
Wiki
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

84 Open 615 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated

Most reactions

UnscopedFind check ignore certain models

#1707 opened Apr 25, 2022 by Mathiou04

Bundled rexml: "warning: previous definition of X was here"

#1705 opened Apr 19, 2022 by jsantos

brakeman 5.2.2: undefined method `sexp_type' for nil:NilClass

#1704 opened Apr 14, 2022 by karlxavier

I would like brakeman docker image to be cross platform

#1703 opened Apr 13, 2022 by kwerle

Apparently never ending "Indexing call sites..."

#1694 opened Mar 30, 2022 by akimd

Possible unprotected redirect for URL

#1687 opened Feb 23, 2022 by QuentinBonnafet

Trigger Mass Assignment rule on other foreign keys than account_id

#1685 opened Feb 21, 2022 by Owpac-doctolib

latest brakeman image in docker hub is older than 5.2.1

#1680 opened Feb 11, 2022 by shamrt

Prevent explicit engine/lib paths from being excluded from app tree

#1679 opened Feb 9, 2022 by dgholz

SQL injection false negative for connections on complex objects

#1678 opened Feb 9, 2022 by EQuincerot

dynamic render path check fires on component inheriting from ViewComponent::Base (but from a gem)

#1677 opened Feb 9, 2022 by dgholz

I get false positives for SQL injection on none AR classes on count.

#1667 opened Jan 12, 2022 by thijsnado

GitHub Actions report doesn't show where the error/warning occurs

#1666 opened Dec 30, 2021 by altjx

False Positive CSRF Warning for RAILS LTS 4.2.11.20

#1656 opened Dec 15, 2021 by james-burkill

False negative SQLi using map

#1651 opened Nov 23, 2021 by tsigouris007

Add Check: CSS Injection within inline styling

#1647 opened Oct 30, 2021 by boveus

CWE information

#1636 opened Sep 7, 2021 by bhuvi11

.map.join pattern is not considered string_building

#1628 opened Jul 26, 2021 by Fryguy

Unscoped find with find and find_by

#1626 opened Jul 23, 2021 by fidalgo

Brakeman doesn't understand map!

#1591 opened May 13, 2021 by MrJoy

False positives SQL injections

#1571 opened Feb 17, 2021 by aglushkov 5.1.1

False Positive: Dynamic render path is not taking into account allow-listed values

#1569 opened Feb 16, 2021 by agrobbin

False Positive: SQL Injection on string interpolation in #pretty_print

#1568 opened Feb 16, 2021 by ShadSterling

Add Check: CVE-2020-8165

#1566 opened Feb 10, 2021 by ippsec-htb

CheckReverseTabnabbing needs to be more strict.

#1563 opened Feb 4, 2021 by Sixeight

Previous 1 2 3 4 Next

Previous Next

ProTip! Mix and match filters to narrow down what you’re looking for.

Apr	MAY	Jun
	26
2021	2022	2023