hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-28 04:43:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
de5470a85c6342b97d1e0e2041f686de8dad17ff
codeql/ruby/ql/test/query-tests/security
History
Owen Mansel-Chan de5470a85c Add MaD barriers for Shellwords.escape and shellescape 
Note that this will only block flow for queries that use the kind `command-injection`.
2026-02-17 22:27:13 +00:00
..
cwe-020
Ruby: Reduce FPs for rb/incomplete-hostname-regexp
2024-04-29 11:19:34 +01:00
cwe-022
Ruby: Track types in data flow
2025-01-06 13:26:10 +01:00
cwe-078
Add MaD barriers for Shellwords.escape and shellescape
2026-02-17 22:27:13 +00:00
cwe-079
Ruby: Track types in data flow
2025-01-06 13:26:10 +01:00
cwe-089
Ruby: Track types in data flow
2025-01-06 13:26:10 +01:00
cwe-094
Ruby: Track types in data flow
2025-01-06 13:26:10 +01:00
cwe-116
Ruby: Update all test util paths to point to the new location.
2024-12-12 13:54:37 +01:00
cwe-117
Ruby: Track types in data flow
2025-01-06 13:26:10 +01:00
cwe-134
Update expected test output
2024-09-24 14:21:38 +02:00
cwe-209
Ruby: Add empty provenance column to expected files.
2024-02-09 11:32:08 +01:00
cwe-295
Ruby: fix wording in rb/request-without-cert-validation
2024-05-01 17:25:58 +01:00
cwe-300
Ruby: Update all test util paths to point to the new location.
2024-12-12 13:54:37 +01:00
cwe-312
Ruby: Track types in data flow
2025-01-06 13:26:10 +01:00
cwe-327
Ruby: remove outdated test comment
2024-06-18 17:51:49 +01:00
cwe-352
Ruby: Fix CSRF test
2024-02-26 11:02:54 +00:00
cwe-502
Ruby: Update expected output (uninteresting).
2024-04-12 09:20:35 +02:00
cwe-506
Ruby: Track types in data flow
2025-01-06 13:26:10 +01:00
cwe-598
Ruby: update rb/sensitive-get-query test output
2023-03-27 09:44:55 +01:00
cwe-601
Ruby: Accept qltest .expected file changes (interesting).
2024-05-22 10:08:59 +02:00
cwe-611
Ruby: Add empty provenance column to expected files.
2024-02-09 11:32:08 +01:00
cwe-732
Ruby: Track types in data flow
2025-01-06 13:26:10 +01:00
cwe-798
Ruby: Track types in data flow
2025-01-06 13:26:10 +01:00
cwe-807-user-controlled-bypass
Ruby: Add empty provenance column to expected files.
2024-02-09 11:32:08 +01:00
cwe-829
Ruby: convert InsecureDownload test to .qlref
2025-06-24 14:57:59 +02:00
cwe-912
Ruby: Add empty provenance column to expected files.
2024-02-09 11:32:08 +01:00
cwe-915
Remove non-breaking spaces from code
2025-09-05 09:41:15 +02:00
cwe-918
Ruby: Update expected output (uninteresting).
2024-04-12 09:20:35 +02:00
cwe-1333-exponential-redos
Ruby: Update expected test output
2023-08-30 13:33:48 +02:00
cwe-1333-polynomial-redos
Ruby: Add empty provenance column to expected files.
2024-02-09 11:32:08 +01:00
cwe-1333-regexp-injection
Update expected test output
2024-09-24 14:21:38 +02:00
decompression-api
Ruby: Add empty provenance column to expected files.
2024-02-09 11:32:08 +01:00