The Wayback Machine - https://web.archive.org/web/20200603045828/https://github.com/github/codeql/pulls
Skip to content

/ codeql

New pull request New
97 Open 3,143 Closed
97 Open 3,143 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
JS: Introduce SharedTaintStep
JS
#3603 opened Jun 2, 2020 by asgerf Draft
C#: Avoid multiple taint-tracking configurations
C#
#3601 opened Jun 2, 2020 by hvitved Review required
@calumgrant
Add Log4J 2 and a new search string secret
Java
#3600 opened Jun 2, 2020 by luchua-bc Review required
JS: Recognize calls to .item and .namedItem
JS
#3599 opened Jun 1, 2020 by asgerf Approved
JS: Add StringOps::RegExpTest
Awaiting evaluation JS
#3598 opened Jun 1, 2020 by asgerf Approved
4
Add more code-scanning suites
#3596 opened Jun 1, 2020 by robertbrignull Review required
3
Java: Add check for J2EE server directory listing
Java
#3595 opened May 30, 2020 by luchua-bc Review required
Python: Fix some problems in TaintKind useage
Python
#3591 opened May 29, 2020 by RasmusWL Review required
6
C++: IR return indirections for `this`
C++
#3587 opened May 28, 2020 by rdmarsh2 Review required
2
[Java] CWE-295 - Incorrect Hostname Verification
Java
#3581 opened May 27, 2020 by intrigus-lgtm Review required
6
Python: insecure-protocol outdated
Python false-positive
#3580 opened May 27, 2020 by yoff Draft
3
Python: Add QLDoc for FunctionValue.getQualifiedName
Python
#3575 opened May 27, 2020 by RasmusWL Review required
Python: Handle fabric.api.execute in command injection
Python
#3563 opened May 26, 2020 by RasmusWL Review required
Java: CWE-273 Unsafe certificate trust
Java
#3550 opened May 24, 2020 by luchua-bc Review required
7
add support for java.io.StringWriter
#3547 opened May 22, 2020 by pwntester Approved
1
Python: How to make TaintKinds for dict subclasses
Python
#3545 opened May 22, 2020 by RasmusWL Draft
1
Java: add websocket reads as remote flow source.
Java
#3543 opened May 21, 2020 by porcupineyhairs Review required
Java : add MongoDB injection sinks
Java
#3542 opened May 21, 2020 by porcupineyhairs Review required
Java: CWE-523 Insecure HSTS configuration
Java
#3534 opened May 20, 2020 by luchua-bc Review required
Python : Add Xpath injection query
Python
#3522 opened May 19, 2020 by porcupineyhairs Changes requested
@RasmusWL
18
Python : Add support for detecting XSLT Injection
Python
#3521 opened May 19, 2020 by porcupineyhairs Review required
@RasmusWL
3
C++: Use TaintTracking::Configuration in TaintedAllocationSize
C++ depends on internal PR
#3519 opened May 19, 2020 by rdmarsh2 Review required
12
C#: Recognize more calls to `IHtmlHelper.Raw`
C#
#3509 opened May 19, 2020 by hvitved Changes requested
@calumgrant
4
Python: Fix django taint sinks
Python
#3503 opened May 18, 2020 by RasmusWL Review required
1 3
Python: Copy sanitizes default modification
Python false-positive
#3502 opened May 18, 2020 by yoff Changes requested
24
ProTip! Follow long discussions with comments:>50.
You can’t perform that action at this time.