codeql/0.3.2.md at 798a736d169deef08503edb64983a445e37637c1 - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2026-02-18 07:53:43 +01:00

Files

github-actions[bot] 57c4f9145b Release preparation for version 2.10.3

2022-08-11 11:12:15 +00:00

717 B

Raw Blame History

0.3.2

New Queries

A new query "Android WebView that accepts all certificates" (java/improper-webview-certificate-validation) has been added. This query finds implementations of WebViewClients that accept all certificates in the case of an SSL error.

Major Analysis Improvements

The query java/sensitive-log has been improved to no longer report results that are effectively duplicates due to one source flowing to another source.

Minor Analysis Improvements

The query java/path-injection now recognises vulnerable APIs defined using the SinkModelCsv class with the create-file type. Out of the box this includes Apache Commons-IO functions, as well as any user-defined sinks.