Should we consider adding web3 vulnerabilities classification? #69
Labels
collab
Content suggestion or request
help wanted
Extra attention is needed
question
Further information is requested
Comments
mattaereal
added
collab
|
Oh yes let's do this. I imagine ISAC already has some schema in use. I'll go ask about it, but if not this could be a very helpful thing for SEAL to maintain. |
|
I'd only like to clarify that in the conversation @pcaversaccio had with @kajaaz, kaj was more inclined toward having something to categorize vulnerabilities as in CVE-style. That is out of the scope of frameworks, but @pcaversaccio and I agreed that it might be a good idea that frameworks hold the categorization upon which someone else can create this other different product. It might be a separate initiative, who knows? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What content are you looking to add?
A web3 vulnerabilities classification.
Why do you think it is important?
Most of the current ones are outdated or unmaintained afaik. Maybe if this lives inside the repo, it might have a better chance to keep it updated.
Can you cite resources where to base the content from?
https://swcregistry.io/
https://securing.github.io/SCSVS/
https://github.com/sigp/solidity-security-blog
https://dl.acm.org/doi/fullHtml/10.1145/3391195#sec-9
https://nvd.nist.gov/vuln/detail/CVE-2023-40014
The text was updated successfully, but these errors were encountered: