codeql/2020-12-09-xxe-fp-fix.md at sauyon/java-spring-stringutils - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Files

Joe Farebrother 732542adcb Add change note

2020-12-09 16:41:31 +00:00

199 B

Raw Permalink Blame History

lgtm,codescanning

The query "Resolving XML external entity in user-controlled data" (java/xxe) has been improved to report fewer false positives when a SAXParserFactory is configured safely.