hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

add which commands are flagged in the change-note

Browse Source
This commit is contained in:
erik-krogh
2022-10-31 21:42:59 +01:00
parent fc2112831c
commit 5e5160d4fc
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
javascript/ql/src/change-notes/2022-09-05-second-order-command-injection.md
View File

@@ -4,3 +4,4 @@ category: newQuery
* Added a new query, `js/second-order-command-line-injection`, to detect shell
commands that may execute arbitrary code when the user has control over
the arguments to a command-line program.
This currently flags up unsafe invocations of git and hg.