Skip to content

/ codeql

New pull request New
103 Open 3,151 Closed
103 Open 3,151 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
πŸ‘ πŸ‘Ž πŸ˜„ πŸŽ‰ πŸ˜• ❀️ πŸš€ πŸ‘€
Mergeback rc/1.24 -> master
Mergeback
#3622 opened Jun 4, 2020 by aschackmull β€’ Review required
JS: Fix inconsistencies in js/path-injection
JS
#3619 opened Jun 4, 2020 by erik-krogh β€’ Review required 3 of 3
1
QL Specification: Fix mistake in dispatch computation
#3615 opened Jun 3, 2020 by alexet β€’ Approved
1
JS: Don't treat a property of a tainted object as tainted when there exists a dominating write
Awaiting evaluation JS
#3613 opened Jun 3, 2020 by erik-krogh β€’ Review required 0 of 2
8
C++: Share `TInstruction` across IR stages
C# C++
#3612 opened Jun 3, 2020 by dbartol β€’ Draft
C#: Add call-sensitivity to data-flow call resolution
C#
#3610 opened Jun 3, 2020 by hvitved β€’ Review required
@calumgrant
1
JS: Add support for fetch Headers in js/hardcoded-credentials
Awaiting evaluation JS
#3609 opened Jun 3, 2020 by erik-krogh β€’ Approved 1 of 2
18
Java: Backport missing CFG edge fix for switch expressions
Java
#3608 opened Jun 3, 2020 by aschackmull β€’ Review required 1.24
JS: Introduce SharedTaintStep
JS
#3603 opened Jun 2, 2020 by asgerf β€’ Draft
2
C#: Avoid multiple taint-tracking configurations
C#
#3601 opened Jun 2, 2020 by hvitved β€’ Review required
@calumgrant
Add Log4J 2 and a new search string secret
Java
#3600 opened Jun 2, 2020 by luchua-bc β€’ Review required
JS: Recognize calls to .item and .namedItem
JS
#3599 opened Jun 1, 2020 by asgerf β€’ Approved
Add more code-scanning suites
#3596 opened Jun 1, 2020 by robertbrignull β€’ Review required
6
Java: Add check for J2EE server directory listing
Java
#3595 opened May 30, 2020 by luchua-bc β€’ Review required
Python: Fix some problems in TaintKind useage
Python
#3591 opened May 29, 2020 by RasmusWL β€’ Review required
7
C++: IR return indirections for `this`
C++
#3587 opened May 28, 2020 by rdmarsh2 β€’ Review required
2
[Java] CWE-295 - Incorrect Hostname Verification
Java
#3581 opened May 27, 2020 by intrigus-lgtm β€’ Review required
6
Python: insecure-protocol outdated
Python false-positive
#3580 opened May 27, 2020 by yoff β€’ Draft
3
Python: Add QLDoc for FunctionValue.getQualifiedName
Python
#3575 opened May 27, 2020 by RasmusWL β€’ Review required
Python: Handle fabric.api.execute in command injection
Python
#3563 opened May 26, 2020 by RasmusWL β€’ Approved
2
Java: CWE-273 Unsafe certificate trust
Java
#3550 opened May 24, 2020 by luchua-bc β€’ Review required
7
add support for java.io.StringWriter
#3547 opened May 22, 2020 by pwntester β€’ Approved
1
Python: How to make TaintKinds for dict subclasses
Python
#3545 opened May 22, 2020 by RasmusWL β€’ Draft
1
Java: add websocket reads as remote flow source.
Java
#3543 opened May 21, 2020 by porcupineyhairs β€’ Review required
Java : add MongoDB injection sinks
Java
#3542 opened May 21, 2020 by porcupineyhairs β€’ Review required
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.
You can’t perform that action at this time.