hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update csharp/ql/src/change-notes/released/0.3.3.md

Browse Source 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
This commit is contained in:
Ian Lynagh
2022-08-25 14:24:11 +01:00
committed by GitHub
parent fb12d85d3c
commit 9a3b540551
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
csharp/ql/src/change-notes/released/0.3.3.md
View File

@@ -5,4 +5,4 @@
* Parameters of delegates passed to routing endpoint calls like `MapGet` in ASP.NET Core are now considered remote flow sources.
* The query `cs/unsafe-deserialization-untrusted-input` is not reporting on all calls of `JsonConvert.DeserializeObject` any longer, it only covers cases that explicitly use unsafe serialization settings.
* Added better support for the SQLite framework in the SQL injection query.
* File streams are now considered stored flow sources. Eg. reading query elements from a file can lead to a Second Order SQL injection alert.
* File streams are now considered stored flow sources. For example, reading query elements from a file can lead to a Second Order SQL injection alert.