Describe the bug
Online docs for NETW-3200 are not yet implemented.

Version

• Distribution: Ubuntu 18.04
• Lynis version: 3.0.0

Expected behavior
A (minimal) description of the problem should exist and ideally a general direction on how to fix the issue.

Output

A new discovery!

Oops, looks like this control is not listed yet in the database.

Want to help 

The email address provided in the "Commercial Uses" section in LICENSE.md is invalid. Emails send to that address return with "User unknown" notice.

Multiples wiki issues.

Typos

• https://github.com/infobyte/faraday/wiki/Executive-Report#using-markdown-on-a-report: -lenguage +language

Bad links

• https://github.com/infobyte/faraday/wiki/Executive-Report#requirements: https://github.com/infobyte/faraday/wiki/first-steps, the nedpoint first-steps doesn't exist anymore.

Images

• https://github.com/infob

It'd be helpful if there was a check for ELB and ALBs that have either no listeners or no instances in their target pool. The check is similar to an unused security group although their are more financial penalties for having idle ELB and ALBs.

Thank you for this project!

I have been struggling to work out how best to configure a CI for using DependencyCheck.

For example, I'd like to use the caching feature of GitHub actions with DependencyCheck to avoid redownloading all the CVEs on each build.

1. Is there a shared cache I can refer to?
2. If not; what's the "right" way to set up a shared cache for my project?

Ideally, this

Environment

Cobra version: 2.0.0-alpha.5
Python version: 2.7.10
Operating system: Darwin-15.5.0-x86_64-i386-64bit
Command line: cobra.py -t tests/vulnerabilities/ -r CVI-167001.xml

Traceback

Traceback (most recent call last):
  File "/Users/Viarus/Documents/cobra/cobra/__init__.py", line 82, in main
    cli.start(args.target, args.format, args.output, args.special_rules, a_sid)
 

Description

The class ZipEntry describe one file inside a Zip archive. getName() return the file name from this file. It could contain a malicious string such as "../../../". If the value is used to build a file path, it could lead to a

This may surprise developers used to other templating engines used in Rails, but, at time of writing, Liquid does not behave like ERB/HAML templates in Rails where interpolated values are escaped by default.

Liquid does not escape interpolated values and does not have an option (at time of writing) to configure this to be the default. The developer needs to remember each and every time to es

As a contributor, I'd like to make it as easy as possible to review and have my contributions approved. In making that possible, I'd like to propose adding code style checks as a part of the build.

I'm happy to adopt the style that already exists in the repository, so all I'm asking here is whether such a change would be of interest if I do all of the work.

The filename:.history test matches all files with "history" anywhere in the filename which generates a large number of false positives.

At the moment EC2 audit is raising an issue that I cannot investigate because of the lack of detail:

Warning: VPC has en exposed enpoint
Warning: VPC has en exposed enpoint
Warning: VPC has en exposed enpoint
Warning: VPC has en exposed enpoint
Warning: VPC has en exposed enpoint
Warning: VPC has an exposed enpoint
Warning: VPC has en exposed enpoint
Warni

The following things should be fixed:

• Inserts that trigger an upsert should be logged as an update
• An update should log the identifier/value the old value (or none) and the new value, eg: column: old => new
• Avoid duplicate code for scoped/unscoped that only differ in color codes

Also, consider:

• Reuse the one-line representation in select as a base for detailed