hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update Change Note

Browse Source
This commit is contained in:
Maiky
2023-07-20 12:33:26 +02:00
parent 1a1fee3088
commit 6d6a243776
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/lib/change-notes/2023-07-20-add-unsafe-deserialization-sinks.md
View File

@@ -1,3 +1,3 @@
category: minorAnalysis
---
* Improved modeling of decoding through pickle related functions (which can lead to code execution), resulting in additional sinks for the _Deserializing untrusted input_ query (`py/unsafe-deserialization`). Add support for `pandas.read_pickle`.
* Improved modeling of decoding through pickle related functions (which can lead to code execution), resulting in additional sinks for the _Deserializing untrusted input_ query (`py/unsafe-deserialization`). Add support for `pandas.read_pickle`, `numpy.load` and `joblib.load`.