Sup, everyone. I wanted to see how different CVE vulnerabilities look in real code examples. Not exploits, but vulnerable code. So, does anyone know if there is a site, git repo or anything with such stuff? Or i just have to search git for fixes of vulnerabilities and compare code like before/after?
CodePudding user response:
This is a little bit of vague question.
However, when it comes to WebApps OWASP is a great resources. They have a number of projects e.g. WebGoat. This gives you both examples of insecure code and also tutorials around how to avoid the problems.
Of course, this doesn't necessarily include all recent CVE's, but is a great example of some real code examples.
CodePudding user response:
Well, i'll post what i've found on the topic just in case. The original question resulted from my lack of knowledge about CVEs being an outcome of CWE exploitation. So, i should've been looking for code examples containing CWEs instead of CVEs. Hence, the web-site i was looking for is nist gov and their Test Suites.