Java: add change note for java/netty-http-response-splitting

2025-12-16 08:43:11 +01:00 · 2019-12-12 14:31:06 -05:00
parent 73446ea610
commit 32f146fbca
1 changed files with 1 additions and 0 deletions
--- a/change-notes/1.23/analysis-java.md
+++ b/change-notes/1.23/analysis-java.md
@@ -7,6 +7,7 @@ The following changes in version 1.23 affect Java analysis in all applications.
 | **Query**                   | **Tags**  | **Purpose**                                                        |
 |-----------------------------|-----------|--------------------------------------------------------------------|
 | Continue statement that does not continue (`java/continue-in-false-loop`) | correctness | Finds `continue` statements in `do { ... } while (false)` loops. Results are shown on LGTM by default. |
+| Disabled Netty HTTP header validation (`java/netty-http-response-splitting`) | security, external/cwe/cwe-113 | Finds response-splitting vulnerabilities due to Netty HTTP header validation being disabled. Results are shown on LGTM by default. |

 ## Changes to existing queries