Skip to content

Pull requests: github/codeql

New pull request New
Clear current search query, filters, and sorts
77 Open 467 Closed
77 Open 467 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

ReDoS refactorizations documentation Java JS Python QL-for-QL Ruby
#8522 by erik-krogh Contributor was closed Jun 29, 2022 Draft
151
Data flow: Use parameterized module to share code between pruning stages C# C++ Java Python Ruby
#8301 by hvitved Contributor was closed Aug 8, 2022 Draft
149
[Java] CWE-089 MyBatis Mapper Sql Injection documentation Java no-change-note-required This PR does not need a change note
#6319 by haby0 Contributor was merged Dec 9, 2021 Loading…
118
Java: Experimental version of Java Command Injection query documentation Java
#13484 by aegilops Contributor was merged Aug 4, 2023 Loading…
86
Java: Add query - insecure environment configuration during JMX/RMI server init documentation Java
#5811 by timoles Contributor was merged Jun 25, 2021 Loading…
74
WIP: Add threat models to java Java
#12958 by aeisenberg Contributor was closed Oct 19, 2023 Draft
56
Generalize data-flow library in preparation for C# adoption C++ Java
#1226 by hvitved Contributor was merged May 6, 2019 Loading…
53
RFC - framework data-flow packs C# C++ Java Python
#4443 by hvitved Contributor was closed Oct 16, 2020 Draft
51
Java: Expand org.apache.commons.codec model Java
#6988 by bmuskalla Contributor was closed Feb 24, 2022 Loading…
51
Quantum: Support for BouncyCastle signature algorithms and block cipher modes documentation Java
#19568 by fegge Contributor was closed Oct 2, 2025 Loading…
47
[Java] CWE-601 Spring url redirection detect documentation Java
#5844 by haby0 Contributor was merged May 18, 2021 Loading…
47
Java: Untrusted data used in external APIs Java
#3938 by lcartey Contributor was merged Aug 13, 2020 Loading…
44
Java: CWE-625 Query to detect regex dot bypass documentation Java
#9873 by luchua-bc Contributor was merged Aug 31, 2022 Loading…
39
Java: Promote HashWithoutSalt query documentation Java ready-for-doc-review This PR requires and is ready for review from the GitHub docs team.
#8541 by joefarebrother Contributor was closed Oct 25, 2022 Loading…
38
Java: Add query for Improper Verification of Intent by Broadcast Receiver (CWE-925) documentation Java ready-for-doc-review This PR requires and is ready for review from the GitHub docs team.
#8669 by joefarebrother Contributor was merged Jun 29, 2022 Loading…
37
Java/C++/C#: Add support for taint-getter/setter summaries in data flow. C# C++ Java
#2498 by aschackmull Contributor was merged Jan 15, 2020 Loading…
35
Java: Clean up ContainerFlow, consider more methods Java
#3918 by aibaars Contributor was merged Jul 10, 2020 Loading…
1
35
Insecure Bean Validation query documentation Java
#3141 by pwntester Contributor was merged Oct 28, 2020 Loading…
34
Dataflow: Deprecate BarrierGuard class C# C++ Go Java Python Ruby Swift
#9590 by aschackmull Contributor was closed Jun 20, 2022 Draft
33
Java: Add JDK sinks C# Java
#11389 by tamasvajk Contributor was closed Nov 13, 2024 Loading…
33
C++/C#/Java: data flow AccessPath up to length 2 C# C++ Java
#1797 by jbj Contributor was merged Sep 9, 2019 Loading…
32
Java: CWE-552 Query to detect unsafe resource loading in Java Spring applications documentation Java
#9199 by luchua-bc Contributor was merged Sep 27, 2022 Loading…
32
Java: CWE-652: Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') documentation Java
#4994 by haby0 Contributor was merged Mar 23, 2021 Loading…
32
Java: Add HTTP Request Splitting to Netty Query documentation Java ready-for-doc-review This PR requires and is ready for review from the GitHub docs team.
#7823 by JLLeitschuh Contributor was merged Feb 15, 2022 Loading…
28
Java: sanitize values which are checked against an allowlist using java.util.List.contains or java.util.Set.contains documentation Java
#17051 by owen-mc Contributor was closed Nov 29, 2024 Loading…
28
ProTip! Add no:assignee to see everything that’s not assigned.