-
Notifications
You must be signed in to change notification settings - Fork 395
Issues: semgrep/semgrep-rules
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Milestones
Assignee
Sort
Issues list
gcp-sql-database-require-ssl requires setting removed require_ssl property
bug
#3505
opened Oct 30, 2024 by
KamilaBorowska
1 of 3 tasks
SQL_INJECTION_JDBC-1.SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE-1 throws false positive for integer only parameter
bug
Something isn't working
#3503
opened Oct 27, 2024 by
GiantCrocodile
1 of 3 tasks
java.servlets.security.httpservlet-path-traversal.httpservlet-path-traversal shows false positive due to ignoring regex check
bug
Something isn't working
#3502
opened Oct 27, 2024 by
GiantCrocodile
1 of 3 tasks
terraform.aws.best-practice.aws-s3-bucket-versioning-not-enabled.aws-s3-bucket-versioning-not-enabled has false positive on v5+ of the Terraform provider for AWS
bug
Something isn't working
#3497
opened Oct 24, 2024 by
nint8835
1 of 3 tasks
[Regression] unquoted-command-substitution-in-command & unquoted-variable-expansion-in-command [BASH] causes semgrep CRASH
bug
Something isn't working
#3449
opened Aug 12, 2024 by
mjnowen
1 of 3 tasks
dockerfile.security.missing-user has a false positive related to HEALTHCHECK CMD
bug
Something isn't working
#3436
opened Jul 25, 2024 by
saghaulor
1 of 3 tasks
Editor logs out after removing - id line from the rule.
bug
Something isn't working
#3413
opened Jun 23, 2024 by
or-akl
ruby dangerous-exec rule did not report dangerous usages properly
bug
Something isn't working
#3396
opened Jun 7, 2024 by
JazJas
1 task
False positives in storage-queue-services-logging for Azure Storage Accounts that don't use a storage queue
bug
Something isn't working
#3383
opened May 9, 2024 by
thombrj
1 of 3 tasks
php.lang.security.injection.tainted-sql-string does not detect SQL statement with newline
bug
Something isn't working
#3376
opened May 7, 2024 by
Sjord
Semgrep rules javascript express vm2 misses real vuln. code
bug
Something isn't working
#3350
opened Apr 10, 2024 by
OrenGitHub
Duplicate rules for Slack webhook URL
bug
Something isn't working
#3345
opened Mar 28, 2024 by
Sjord
False Positive javascript.express_xss
bug
Something isn't working
#3339
opened Mar 12, 2024 by
aviramshm
1 task
False positives in gorm-hardcoded-secret and gorm-empty-password
bug
Something isn't working
#3316
opened Mar 4, 2024 by
lfama
1 of 3 tasks
False positive in java.lang.security.system.system-setproperty-hardcoded-secret
bug
Something isn't working
#3312
opened Feb 23, 2024 by
Sjord
java/jax-rs/security/insecure-resteasy.yaml no longer relevant?
bug
Something isn't working
#3294
opened Jan 29, 2024 by
JLLeitschuh
1 of 3 tasks
False positive on unquoted-attribute-var for Angular
bug
Something isn't working
#3205
opened Oct 31, 2023 by
Sjord
Issue with detect-child-process rule
bug
Something isn't working
#3105
opened Sep 11, 2023 by
joshbouncesecurity
1 of 3 tasks
detected-twitter-oauth rule triggers on minimized CSS files
bug
Something isn't working
#3104
opened Sep 11, 2023 by
mtausig
1 of 3 tasks
False positive in javascript.lang.correctness.useless-assign.useless-assignment
bug
Something isn't working
#3036
opened Aug 10, 2023 by
Sjord
[Rule] Dependency confusion
enhancement
New feature or request
lang:dockerfile
priority:low
#3032
opened Aug 8, 2023 by
Sjord
A false negative (miss) in asyncpg-sqli ruleset
false-negative
False negative (FN) findings
lang:python
priority:low
#3027
opened Aug 4, 2023 by
kholia
Previous Next
ProTip!
Updated in the last three days: updated:>2024-11-03.