278 matches found
GitHub Security Lab: CPP: Add query for CWE-266 Incorrect Privilege Assignment
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java]: CWE-073 - File path injection with the JFinal framework
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java: An experimental query for ignored hostname verification
This bug was reported directly to GitHub Security Lab...
GHSA-6QQ8-5WQ3-86RP Traefik vulnerable to Open Redirect via handling of X-Forwarded-Prefix header
Summary: There exists a potential open redirect vulnerability in Traefik's handling of the X-Forwarded-Prefix header. Active exploitation of this issue is unlikely as it would require active header injection; however, the Traefik team addressed this issue nonetheless to prevent abuse in e.g. cache...
Traefik vulnerable to Open Redirect via handling of X-Forwarded-Prefix header
Summary: There exists a potential open redirect vulnerability in Traefik's handling of the X-Forwarded-Prefix header. Active exploitation of this issue is unlikely as it would require active header injection; however, the Traefik team addressed this issue nonetheless to prevent abuse in e.g. cache...
GitHub Security Lab: [Python]: Add shutil module sinks for path injection query
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java] CWE-552: Query to detect unsafe request dispatcher usage
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java: Regex injection
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java] CWE-089: MyBatis Mapper XML SQL Injection
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java] CWE-400: Query to detect uncontrolled thread resource consumption
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [porcupiney.hairs]: [Python] Add Flask Path injection sinks
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Python]: JWT security-related queries
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Python]: CWE-079: HTTP Header injection
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Go
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Go
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Go
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Javascript
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Javascript
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Javascript
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Go
This bug was reported directly to GitHub Security Lab...