codeql/java/change-notes/2020-12-09-xxe-fp-fix.md

mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
lgtm,codescanning
* The query "Resolving XML external entity in user-controlled data" (`java/xxe`) has been improved to report fewer false positives when a `SAXParserFactory` is configured safely.
	`lgtm,codescanning`
	* The query "Resolving XML external entity in user-controlled data" (`java/xxe`) has been improved to report fewer false positives when a `SAXParserFactory` is configured safely.