Skip to content

Pull requests: github/codeql

New pull request New
Clear current search query, filters, and sorts
77 Open 441 Closed
77 Open 441 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

ReDoS refactorizations documentation Java JS Python QL-for-QL Ruby
#8522 by erik-krogh Contributor was closed Jun 29, 2022 Draft
151
Data flow: Use parameterized module to share code between pruning stages C# C++ Java Python Ruby
#8301 by hvitved Contributor was closed Aug 8, 2022 Draft
149
[Java] CWE-089 MyBatis Mapper Sql Injection documentation Java no-change-note-required This PR does not need a change note
#6319 by haby0 Contributor was merged Dec 9, 2021 Loading…
118
Java: Experimental version of Java Command Injection query documentation Java
#13484 by aegilops Contributor was merged Aug 4, 2023 Loading…
86
Java: Add query - insecure environment configuration during JMX/RMI server init documentation Java
#5811 by timoles Contributor was merged Jun 25, 2021 Loading…
74
WIP: Add threat models to java Java
#12958 by aeisenberg Contributor was closed Oct 19, 2023 Draft
56
RFC - framework data-flow packs C# C++ Java Python
#4443 by hvitved Contributor was closed Oct 16, 2020 Draft
51
Java: Expand org.apache.commons.codec model Java
#6988 by bmuskalla Contributor was closed Feb 24, 2022 Loading…
51
Quantum: Support for BouncyCastle signature algorithms and block cipher modes documentation Java
#19568 by fegge Contributor was closed Oct 2, 2025 Loading…
47
[Java] CWE-601 Spring url redirection detect documentation Java
#5844 by haby0 Contributor was merged May 18, 2021 Loading…
47
Java: CWE-625 Query to detect regex dot bypass documentation Java
#9873 by luchua-bc Contributor was merged Aug 31, 2022 Loading…
39
Java: Promote HashWithoutSalt query documentation Java ready-for-doc-review This PR requires and is ready for review from the GitHub docs team.
#8541 by joefarebrother Contributor was closed Oct 25, 2022 Loading…
38
Java: Add query for Improper Verification of Intent by Broadcast Receiver (CWE-925) documentation Java ready-for-doc-review This PR requires and is ready for review from the GitHub docs team.
#8669 by joefarebrother Contributor was merged Jun 29, 2022 Loading…
37
Java: Clean up ContainerFlow, consider more methods Java
#3918 by aibaars Contributor was merged Jul 10, 2020 Loading…
1
35
Insecure Bean Validation query documentation Java
#3141 by pwntester Contributor was merged Oct 28, 2020 Loading…
34
Dataflow: Deprecate BarrierGuard class C# C++ Go Java Python Ruby Swift
#9590 by aschackmull Contributor was closed Jun 20, 2022 Draft
33
Java: Add JDK sinks C# Java
#11389 by tamasvajk Contributor was closed Nov 13, 2024 Loading…
33
JS: ATM: New features for imports and for function parameters related to an endpoint C# C++ documentation Go Java JS Kotlin Python QL-for-QL Ruby Swift
#8740 by kaeluka was closed Aug 31, 2022 Draft
32
Java: CWE-552 Query to detect unsafe resource loading in Java Spring applications documentation Java
#9199 by luchua-bc Contributor was merged Sep 27, 2022 Loading…
32
Java: CWE-652: Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') documentation Java
#4994 by haby0 Contributor was merged Mar 23, 2021 Loading…
32
Divide and conquer broken due to overflow (CWE-190) Java
#2838 by intrigus-lgtm Contributor was closed Jul 15, 2020 Loading…
30
Java: Add HTTP Request Splitting to Netty Query documentation Java ready-for-doc-review This PR requires and is ready for review from the GitHub docs team.
#7823 by JLLeitschuh Contributor was merged Feb 15, 2022 Loading…
28
Java: sanitize values which are checked against an allowlist using java.util.List.contains or java.util.Set.contains documentation Java
#17051 by owen-mc Contributor was closed Nov 29, 2024 Loading…
28
Java: JShell Injection documentation Java
#5955 by haby0 Contributor was merged Jun 24, 2021 Loading…
28
[Java] CWE-552: Unsafe url forward documentation Java
#6240 by haby0 Contributor was merged Oct 19, 2021 Loading…
27
ProTip! Add no:assignee to see everything that’s not assigned.