codeql/2021-02-11-apollo-client.md at z80coder/query-pack-release-candidate-2 - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00

Files

Erik Krogh Kristensen 004147a22f add change note

2021-02-11 17:54:53 +01:00

493 B

Raw Permalink Blame History

lgtm,codescanning

URIs used in the Apollo-link libraries are now recognized as sinks for js/request-forgery. Affected packages are apollo-link-http, apollo-client, apollo-boost, apollo-client-preset, and apollo-link-ws