hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Add change note for https://github.com/github/codeql/pull/3938

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2020-10-29 16:02:34 +01:00
parent 9dbfc835fe
commit 4677eb649e
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
java/change-notes/2020-07-09-untrusted-data-to-external-api.md Normal file
View File

@@ -0,0 +1,9 @@
lgtm,codescanning
* Two new queries, "Untrusted data passed to external API" (`java/untrusted-data-to-external-api`)
and "Frequency counts for external APIs that are used with untrusted data"
(`java/count-untrusted-data-external-api`), have been added. These queries
should not be run by default as they are designed to have a low "true
positive" rate. However, they allow you to review the use of untrusted data
in an application to find new security vulnerabilities that are not found by
the default security queries, as well as identifying opportunities to improve
or add modeling of taint steps and sinks.