hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
6dd776b2de9e6eede27d2cc22d9781db4fe8a83d
codeql/python/ql/test/experimental/query-tests/Security
History
Rasmus Wriedt Larsen 6dd776b2de Python: Only produce one alert per vulnerable XML sink 
This made it much easier to debug the current alerts on tests at least.

Notice that it's important that we have `strictconcat` and not just
`concat`, since `concat` will also allow flow to sinks that are not
vulnerable to any kind of XML vulnerability :|
2022-03-02 15:22:11 +01:00
..
CWE-074
Python: Fix .qlref for experimental security tests
2020-09-02 15:35:50 +02:00
CWE-091
Python: Fix .qlref for experimental security tests
2020-09-02 15:35:50 +02:00
CWE-113
Update .expected
2021-10-16 13:12:33 +02:00
CWE-287
Update .expected
2021-06-28 14:18:27 +02:00
CWE-338
add tests
2021-12-04 00:52:15 +08:00
CWE-347
Update .expected
2022-02-23 00:55:39 +01:00
CWE-348
Update python/ql/test/experimental/query-tests/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.expected
2021-10-11 16:46:02 +08:00
CWE-522
Python: Make LDAP global options test better
2021-09-23 10:18:18 +02:00
CWE-522-global-option
Python: Make LDAP global options test better
2021-09-23 10:18:18 +02:00
CWE-611
Python: Only produce one alert per vulnerable XML sink
2022-03-02 15:22:11 +01:00
CWE-643
Python: Minor test cleanup
2021-09-24 16:11:27 +02:00
CWE-943
python: Add missing input
2022-01-21 13:55:33 +01:00