-
`log4j2` fuzzing was recently revamped in #12304. Even though there are [successful builds from 2024-08-13 and 2024-08-14](https://oss-fuzz-build-logs.storage.googleapis.com/index.html#log4j2), I am no…
-
**Describe the bug**
I was able to get the database type = "HSQLDB" and database name = "PUBLIC" by using --current-db, but when I am trying to retrieve the table/column names further using common-tables…
-
**Description of the issue**
I attempted to detect this vulnerability in our codebase but it doesn't get picked up. Similar to https://github.com/github/codeql/issues/7586 and https://github.com/gi…
-
# Contact us
# Feature Request
I deploy and configure NetScaler with Terraform in Azure. citrixadc provider has become really good. (Thank you)
My main use cases are pre-authentication and WA…
-
Mostly because of my lack of C knowledge, this is working sometimes and segfaulting other times. If someone with some C experience can take a look, it will be great.
Expected Results:
```
ruby test.rb…
-
**Description of the issue**
I am testing CodeQL on a simple NestJS test repo before bringing it into our enterprise CI/CD pipeline, and I am receiving a false negative from the SQLInjection query (C…
-
This is more relevant to security scans than code quality scans, but it would be good if we could override the severity/score of a rule - for example if I wanted to report all SQLInjection results a…
-
In the older version of EF you were able to do something like this, which is useful for dynamic scenarios.
```
var query = db.CampaignCreatives.AsQueryable();
foreach (string include in in…
-
# Create View feature with Gorm
## Describe the feature
```
db.
View.
CreateOrUpdate().
Tables(....tables Names ). // strings
Entities(....tables Names ). // interfaces
…
-
I am new to CodeQL and have successfully run analyses on our Python codebase locally using the full set of Python queries like this:
`codeql database analyze /tmp/codeql_db codeql/python-queries --…