hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
682a71176d15d3baa6ce1625f464768766272633
codeql/javascript
History
Asger Feldthaus 682a71176d JS: Make TaintedFormatString have same severity as LogInjection 
The CWE number for this query is associated with buffer overflows
from printf/scanf-style functions in C++, which has likely determined
its derived security score.

But in JavaScript, a tainted format string is unlikely to lead to
anything worse than log injection so we're manually update its score
to reflect this.
2021-10-05 10:10:01 +02:00
..
change-notes
Merge pull request #6587 from erik-krogh/ts44
2021-09-15 04:00:13 -07:00
config/suites
JS: move js/resource-exhaustion to experimental
2021-01-21 09:09:01 +01:00
documentation
Update some out of date information
2020-04-08 10:36:04 +01:00
externs
Fix dead links in JS externs too
2021-04-23 15:46:48 +01:00
extractor
add JS support for static initializers
2021-09-14 20:40:46 +02:00
ql
JS: Make TaintedFormatString have same severity as LogInjection
2021-10-05 10:10:01 +02:00
upgrades
fix dbsheme upgrade from TypeScript 4.4 PR
2021-09-15 22:38:27 +02:00