hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

spelling: executables

Browse Source 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
This commit is contained in:
Josh Soref
2022-10-09 07:13:45 -04:00
parent 3b9546f02e
commit cbea5ec40c
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/src/Security/CWE-829/InsecureDownload.qhelp
View File

@@ -4,7 +4,7 @@
<qhelp> <qhelp>
<overview> <overview>
<p> <p>
Downloading executeables or other sensitive files over an unencrypted connection Downloading executables or other sensitive files over an unencrypted connection
can leave a server open to man-in-the-middle attacks (MITM). can leave a server open to man-in-the-middle attacks (MITM).
Such an attack can allow an attacker to insert arbitrary content Such an attack can allow an attacker to insert arbitrary content
into the downloaded file, and in the worst case, allow the attacker to execute into the downloaded file, and in the worst case, allow the attacker to execute

2
ruby/ql/src/queries/security/cwe-829/InsecureDownload.qhelp
View File

@@ -4,7 +4,7 @@
<qhelp> <qhelp>
<overview> <overview>
<p> <p>
Downloading executeables or other sensitive files over an unencrypted connection Downloading executables or other sensitive files over an unencrypted connection
can leave a server open to man-in-the-middle attacks (MITM). can leave a server open to man-in-the-middle attacks (MITM).
Such an attack can allow an attacker to insert arbitrary content Such an attack can allow an attacker to insert arbitrary content
into the downloaded file, and in the worst case, allow the attacker to execute into the downloaded file, and in the worst case, allow the attacker to execute