Python: Add change note for requests without cert verification query.

2026-04-30 11:15:13 +02:00 · 2018-11-23 14:48:19 +00:00
parent 6588606739
commit bfc001cc68
1 changed files with 1 additions and 0 deletions
--- a/change-notes/1.19/analysis-python.md
+++ b/change-notes/1.19/analysis-python.md
@@ -57,6 +57,7 @@ A new predicate `Stmt.getAnEntryNode()` has been added to make it easier to writ
 | **Query**                   | **Tags**  | **Purpose**                                                        |
 |-----------------------------|-----------|--------------------------------------------------------------------|
 | Information exposure through an exception (`py/stack-trace-exposure`) | security, external/cwe/cwe-209, external/cwe/cwe-497 | Finds instances where information about an exception may be leaked to an external user. Enabled on LGTM by default. |
+| Request Without Certificate Validation (`py/request-without-cert-validation`) | security, external/cwe/cwe-295 | Finds requests where certificate verification has been explicitly turned off, possibly allowing man-in-the-middle attacks. Not enabled on LGTM by default. |

 ## Changes to existing queries