Skip to content

/ codeql

New pull request New
132 Open 4,044 Closed
132 Open 4,044 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
πŸ‘ πŸ‘Ž πŸ˜„ πŸŽ‰ πŸ˜• ❀️ πŸš€ πŸ‘€
[Java] Triplicate UnsafeCert query so it can be split.
Java documentation
#4771 opened Dec 2, 2020 by intrigus-lgtm β€’ Review required
[WIP] Update query and library links for new locations
documentation
#4768 opened Dec 2, 2020 by jf205 β€’ Review required
C++: Cleanup data/taint flow tests
C++
#4766 opened Dec 2, 2020 by criemen β€’ Review required
Data flow: Cache `ParamUpdateReturnKind::getAnOutNode()`
C# C++ Java Python
#4765 opened Dec 2, 2020 by hvitved β€’ Draft
3
JS: Merge SSTI query into js/code-injection
Awaiting evaluation JS documentation
#4762 opened Dec 1, 2020 by asgerf β€’ Review required
2
C#: Extract enum underlying type from IL
C#
#4761 opened Dec 1, 2020 by tamasvajk β€’ Draft
1
C#: Improve array argument CIL extraction for attributes
C#
#4759 opened Dec 1, 2020 by tamasvajk β€’ Review required
Python: Enclosing callable for synthetic arguments
Python
#4757 opened Dec 1, 2020 by yoff β€’ Review required
1
JavaScript: Add models for more Mongoose methods.
JS documentation
#4753 opened Nov 30, 2020 by max-schaefer β€’ Approved
Python: Dataflow, unpacking assignment
Python
#4752 opened Nov 30, 2020 by yoff β€’ Changes requested
2
JS: Move `js/log-injection` into non-experimental.
JS documentation
#4751 opened Nov 30, 2020 by erik-krogh β€’ Review required
C++: Model classes in StdString.qll.
C++
#4750 opened Nov 30, 2020 by geoffw0 β€’ Review required
1
Python: Add some command injection tests
Python
#4749 opened Nov 30, 2020 by RasmusWL β€’ Draft
Java: Improve performance of SSA.
Java
#4746 opened Nov 30, 2020 by aschackmull β€’ Review required
3
CPP: Add query for CWE-191 into experimental this reveals a dangerous comparison
C++ documentation
#4745 opened Nov 28, 2020 by ihsinme β€’ Review required
9
JavaScript: Factor out HTML extractor
JS depends on internal PR
#4744 opened Nov 27, 2020 by sauyon β€’ Review required
5
Java: Add flow steps through methods of `java.nio.Buffer` and its subclasses
Java
#4743 opened Nov 27, 2020 by joefarebrother β€’ Review required
1
C#: WIP: extract underlying enum type from CIL
C#
#4742 opened Nov 27, 2020 by tamasvajk β€’ Draft
1
Python: Force read- and store steps to add nodes.
Python
#4737 opened Nov 27, 2020 by yoff β€’ Review required
8
Python: Untrusted data used in external APIs
Python documentation
#4735 opened Nov 26, 2020 by RasmusWL β€’ Review required
1
JS: Add more models for command parsing libraries in js/indirect-command-line-injection
JS
#4733 opened Nov 26, 2020 by erik-krogh β€’ Review required
JS: Add `security` tag to js/angular/double-compilation
JS
#4732 opened Nov 26, 2020 by esbena β€’ Approved
C#: Implement CFG for `not` patterns
C# documentation
#4724 opened Nov 25, 2020 by hvitved β€’ Draft
C++: Filter out lower bounds on overflowing exprs
C++
#4722 opened Nov 24, 2020 by rdmarsh2 β€’ Review required
8
JS: Add suffix/prefix construction to js/redos
JS
#4721 opened Nov 24, 2020 by erik-krogh β€’ Review required
14
ProTip! Exclude everything labeled bug with -label:bug.
You can’t perform that action at this time.