codeql

hohn/codeql

Fork 0

mirror of https://github.com/github/codeql.git synced 2026-01-08 12:10:22 +01:00

Files

History

Alvaro Muñoz 8323819504 New sources for octokit/request-action

2024-10-17 15:51:00 +02:00

CWE-074

Update expected tests

2024-10-14 15:10:31 +02:00

CWE-077

Better handling of EnvVar Injection and Argument Injection

2024-10-16 08:48:32 +02:00

CWE-078

Fix: ControlChecks protects/dominates only work with Steps. A sink can be in a sub-step node (eg: ScalarValue)

2024-09-28 23:57:32 +02:00

CWE-088

Better handling of EnvVar Injection and Argument Injection

2024-10-16 08:48:32 +02:00

CWE-094

New sources for octokit/request-action

2024-10-17 15:51:00 +02:00

CWE-200

Improve Env path/var injection queries

2024-04-26 16:17:29 +02:00

CWE-275

fix(queries): Fix Missing Permissions query

2024-07-31 11:45:30 +02:00

CWE-284

Resolve conflict

2024-05-13 09:20:45 +02:00

CWE-285

Fix ImproperAccess query

2024-08-09 17:17:18 +02:00

CWE-312

Add new test for secrets in artifact query

2024-09-06 23:36:29 +02:00

CWE-349

Suppress actions/cache-poisoning/code-injection alerts covered by actions/code-injection/critical

2024-10-01 09:48:16 +02:00

CWE-367

Improve control checks to better account for toctou issues

2024-10-04 18:04:13 +02:00

CWE-571

New expression is always true tests

2024-04-24 21:51:27 +02:00

CWE-829

Clean imports

2024-10-16 11:47:35 +02:00

CWE-918

Add new tests

2024-03-14 22:41:01 +01:00

CWE-1395

feat(queries): Improve Use Of Vulnerable Actions query

2024-08-01 11:37:00 +02:00