forked from github/codeql
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathjava-code-scanning.qls.expected
More file actions
80 lines (80 loc) · 4.57 KB
/
java-code-scanning.qls.expected
File metadata and controls
80 lines (80 loc) · 4.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
ql/java/ql/src/Diagnostics/ExtractionErrors.ql
ql/java/ql/src/Diagnostics/ExtractionWarnings.ql
ql/java/ql/src/Diagnostics/SuccessfullyExtractedFiles.ql
ql/java/ql/src/Likely Bugs/Arithmetic/InformationLoss.ql
ql/java/ql/src/Metrics/Summaries/LinesOfCode.ql
ql/java/ql/src/Metrics/Summaries/LinesOfCodeJava.ql
ql/java/ql/src/Metrics/Summaries/LinesOfCodeKotlin.ql
ql/java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql
ql/java/ql/src/Security/CWE/CWE-022/TaintedPath.ql
ql/java/ql/src/Security/CWE/CWE-022/ZipSlip.ql
ql/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalFromRemote.ql
ql/java/ql/src/Security/CWE/CWE-074/JndiInjection.ql
ql/java/ql/src/Security/CWE/CWE-074/XsltInjection.ql
ql/java/ql/src/Security/CWE/CWE-078/ExecTainted.ql
ql/java/ql/src/Security/CWE/CWE-079/XSS.ql
ql/java/ql/src/Security/CWE/CWE-089/SqlTainted.ql
ql/java/ql/src/Security/CWE/CWE-090/LdapInjection.ql
ql/java/ql/src/Security/CWE/CWE-094/GroovyInjection.ql
ql/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.ql
ql/java/ql/src/Security/CWE/CWE-094/JexlInjection.ql
ql/java/ql/src/Security/CWE/CWE-094/MvelInjection.ql
ql/java/ql/src/Security/CWE/CWE-094/SpelInjection.ql
ql/java/ql/src/Security/CWE/CWE-094/TemplateInjection.ql
ql/java/ql/src/Security/CWE/CWE-1004/SensitiveCookieNotHttpOnly.ql
ql/java/ql/src/Security/CWE/CWE-1104/MavenPomDependsOnBintray.ql
ql/java/ql/src/Security/CWE/CWE-113/NettyResponseSplitting.ql
ql/java/ql/src/Security/CWE/CWE-113/ResponseSplitting.ql
ql/java/ql/src/Security/CWE/CWE-1204/StaticInitializationVector.ql
ql/java/ql/src/Security/CWE/CWE-134/ExternallyControlledFormatString.ql
ql/java/ql/src/Security/CWE/CWE-200/SpringBootActuators.ql
ql/java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/SpringBootActuatorsConfig.ql
ql/java/ql/src/Security/CWE/CWE-209/SensitiveDataExposureThroughErrorMessage.ql
ql/java/ql/src/Security/CWE/CWE-209/StackTraceExposure.ql
ql/java/ql/src/Security/CWE/CWE-266/IntentUriPermissionManipulation.ql
ql/java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthentication.ql
ql/java/ql/src/Security/CWE/CWE-295/ImproperWebViewCertificateValidation.ql
ql/java/ql/src/Security/CWE/CWE-295/InsecureTrustManager.ql
ql/java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql
ql/java/ql/src/Security/CWE/CWE-312/CleartextStorageCookie.ql
ql/java/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql
ql/java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql
ql/java/ql/src/Security/CWE/CWE-330/InsecureRandomness.ql
ql/java/ql/src/Security/CWE/CWE-335/PredictableSeed.ql
ql/java/ql/src/Security/CWE/CWE-338/JHipsterGeneratedPRNG.ql
ql/java/ql/src/Security/CWE/CWE-347/MissingJWTSignatureCheck.ql
ql/java/ql/src/Security/CWE/CWE-352/SpringCSRFProtection.ql
ql/java/ql/src/Security/CWE/CWE-441/UnsafeContentUriResolution.ql
ql/java/ql/src/Security/CWE/CWE-470/FragmentInjection.ql
ql/java/ql/src/Security/CWE/CWE-470/FragmentInjectionInPreferenceActivity.ql
ql/java/ql/src/Security/CWE/CWE-489/DebuggableAttributeEnabled.ql
ql/java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.ql
ql/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.ql
ql/java/ql/src/Security/CWE/CWE-522/InsecureLdapAuth.ql
ql/java/ql/src/Security/CWE/CWE-552/UrlForward.ql
ql/java/ql/src/Security/CWE/CWE-601/UrlRedirect.ql
ql/java/ql/src/Security/CWE/CWE-611/XXE.ql
ql/java/ql/src/Security/CWE/CWE-614/InsecureCookie.ql
ql/java/ql/src/Security/CWE/CWE-643/XPathInjection.ql
ql/java/ql/src/Security/CWE/CWE-681/NumericCastTainted.ql
ql/java/ql/src/Security/CWE/CWE-730/PolynomialReDoS.ql
ql/java/ql/src/Security/CWE/CWE-730/ReDoS.ql
ql/java/ql/src/Security/CWE/CWE-730/RegexInjection.ql
ql/java/ql/src/Security/CWE/CWE-732/ReadingFromWorldWritableFile.ql
ql/java/ql/src/Security/CWE/CWE-780/RsaWithoutOaep.ql
ql/java/ql/src/Security/CWE/CWE-807/TaintedPermissionsCheck.ql
ql/java/ql/src/Security/CWE/CWE-829/InsecureDependencyResolution.ql
ql/java/ql/src/Security/CWE/CWE-917/OgnlInjection.ql
ql/java/ql/src/Security/CWE/CWE-918/RequestForgery.ql
ql/java/ql/src/Security/CWE/CWE-925/ImproperIntentVerification.ql
ql/java/ql/src/Security/CWE/CWE-926/ImplicitlyExportedAndroidComponent.ql
ql/java/ql/src/Security/CWE/CWE-927/ImplicitPendingIntents.ql
ql/java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.ql
ql/java/ql/src/Telemetry/DatabaseQualityDiagnostics.ql
ql/java/ql/src/Telemetry/ExternalLibraryUsage.ql
ql/java/ql/src/Telemetry/ExtractorInformation.ql
ql/java/ql/src/Telemetry/SupportedExternalApis.ql
ql/java/ql/src/Telemetry/SupportedExternalSinks.ql
ql/java/ql/src/Telemetry/SupportedExternalSources.ql
ql/java/ql/src/Telemetry/SupportedExternalTaint.ql
ql/java/ql/src/Telemetry/UnsupportedExternalAPIs.ql