You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|Using a package with a known vulnerability (cs/use-of-vulnerable-package) | security, external/cwe/cwe-937| Finds project build files that import packages with known vulnerabilities. This is included by default. |
14
-
|Uncontrolled format string (cs/uncontrolled-format-string) | security, external/cwe/cwe-134| Finds data flow from remote inputs to the format string in `String.Format`. This is included by default. |
13
+
|Uncontrolled format string (`cs/uncontrolled-format-string`) | security, external/cwe/cwe-134| Finds data flow from remote inputs to the format string in `String.Format`. This is included by default. |
14
+
|Using a package with a known vulnerability `(`cs/use-of-vulnerable-package`) | security, external/cwe/cwe-937| Finds project build files that import packages with known vulnerabilities. This is included by default. |
15
15
16
16
## Changes to existing queries
17
17
18
+
| Cross-site scripting (`cs/web/xss`) | More results | This query now finds cross-site scripting vulnerabilities in ASP.NET Core applications. |
18
19
| Inconsistent lock sequence (`cs/inconsistent-lock-sequence`) | More results | This query now finds inconsistent lock sequences globally across calls. |
19
20
| Local scope variable shadows member (`cs/local-shadows-member`) | Fewer results | Results have been removed where a constructor parameter shadows a member, because the parameter is probably used to initialize the member. |
20
-
| Cross-site scripting (`cs/web/xss`) | More results | This query now finds cross-site scripting vulnerabilities in ASP.NET Core applications. |
21
-
|*@name of query (Query ID)*|*Impact on results*|*How/why the query has changed*|
0 commit comments