hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
c34d6d116274dec8891ec3ccbf8d7c32db517501
codeql/python/ql/test/query-tests/Security
History
Rasmus Wriedt Larsen c34d6d1162 Python: Add query to handle SQLAlchemy TextClause Injection 
instead of doing this via taint-steps. See description in code/tests.
2021-09-02 10:19:57 +02:00
..
CVE-2018-1281
Python: Port bind-to-all-interfaces to type-tracking
2021-02-23 16:01:24 +01:00
CWE-020-ExternalAPIs
Python: Update test expectations
2021-02-25 11:49:57 +01:00
CWE-020-IncompleteHostnameRegExp
Python: Move py/incomplete-hostname-regexp tests to own folder
2021-07-19 16:48:21 +02:00
CWE-020-IncompleteUrlSubstringSanitization
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-022-PathInjection
Python: Update test expectations
2021-02-25 11:49:57 +01:00
CWE-022-TarSlip
Revert "Merge pull request #5171 from RasmusWL/restructure-queries"
2021-02-17 16:32:53 +01:00
CWE-078-CommandInjection
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-078-CommandInjection-py2
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-079-Jinja2WithoutEscaping
Python: Move Jinja2WithoutEscaping tests to own folder
2021-07-19 16:44:41 +02:00
CWE-079-ReflectedXss
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-089-SQLAlchemyTextClauseInjection
Python: Add query to handle SQLAlchemy TextClause Injection
2021-09-02 10:19:57 +02:00
CWE-089-SqlInjection
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-094-CodeInjection
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-209-StackTraceExposure
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-215-FlaskDebug
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-295-MissingHostKeyValidation
Python: Split CWE-295 tests
2021-02-24 10:12:45 +01:00
CWE-295-RequestWithoutValidation
Revert "Python: Accept RequestWithoutValidation expected output change"
2021-02-24 11:14:18 +01:00
CWE-312-CleartextLogging
Python: Port py/clear-text-logging-sensitive-data
2021-06-25 14:35:31 +02:00
CWE-312-CleartextStorage
Python: Port py/clear-text-storage-sensitive-data
2021-06-24 17:39:08 +02:00
CWE-312-CleartextStorage-py3
Python: Port py/clear-text-storage-sensitive-data
2021-06-24 17:39:08 +02:00
CWE-326-WeakCryptoKey
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-327-BrokenCryptoAlgorithm
Python: Port py/weak-cryptographic-algorithm
2021-04-22 15:23:38 +02:00
CWE-327-InsecureDefaultProtocol
Python: Fix test folder for InsecureDefaultProtocol
2021-07-19 16:56:07 +02:00
CWE-327-InsecureProtocol
Python: Fix test folder for InsecureProtocol
2021-07-19 16:57:00 +02:00
CWE-327-WeakSensitiveDataHashing
Python: Update .expected for py/weak-sensitive-data-hashing
2021-06-11 13:56:55 +02:00
CWE-377-InsecureTemporaryFile
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-502-UnsafeDeserialization
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-601-UrlRedirect
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-730-PolynomialReDoS
Python: Hotfix: Disable ReDoS queries
2021-07-22 10:58:49 +00:00
CWE-730-ReDoS
Merge pull request #6288 from erik-krogh/emptyRedos
2021-08-16 13:48:22 +02:00
CWE-732-WeakFilePermissions
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
CWE-798-HardcodedCredentials
Python: Restructure security tests to contain query name
2021-07-19 16:54:34 +02:00
lib
Python : Add query to detect Server Side Template Injection
2020-07-21 18:01:27 +05:30