Skip to content
GitLab
Next
Menu
Why GitLab
Pricing
Contact Sales
Explore
Why GitLab
Pricing
Contact Sales
Explore
Sign in
Get free trial
Open
0
Merged
40
Closed
17
All
57
Recent searches
{{formattedKey}}
{{ title }}
{{ help }}
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
{{name}}
@{{username}}
None
Any
Upcoming
Started
{{title}}
None
Any
{{title}}
None
Any
{{title}}
None
Any
{{name}}
Yes
No
Yes
No
{{title}}
{{title}}
{{title}}
Created date
Update CSharp_endpoint_unvalidatedRedirect sanitizers and sink patterns
!279
· created
Dec 22, 2023
by
Lanka De Alwis
Community contribution
backend
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
17
Approved
updated
Jan 11, 2024
Updated the rule-hardcoded-sql-expression.yml to remove false positives
!278
· created
Dec 19, 2023
by
Chathumina Vimukthi
16.8
Community contribution
linked-issue
Merged
Approved
updated
Dec 19, 2023
Remove java/xss/XSSReqParamToSendError rule and test file
!276
· created
Dec 19, 2023
by
Lanka De Alwis
Community contribution
devops
secure
group
vulnerability research
section
sec
Merged
5
Approved
updated
Jan 21, 2024
Updated the rule-ScriptInjection.yml
!266
· created
Dec 15, 2023
by
Chathumina Vimukthi
16.8
Community contribution
Hackathon
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
11
Approved
updated
Jan 04, 2024
Add additional sinks for java/rule-PermissiveCORSInjection
!264
· created
Dec 14, 2023
by
Lanka De Alwis
16.7
Community contribution
Hackathon
devops
secure
group
vulnerability research
section
sec
type
maintenance
Merged
10
Approved
updated
Dec 18, 2023
Added the sample code with properties bag to connect to the LDAP server in rule-LDAPInjection.yml
!259
· created
Dec 13, 2023
by
Chathumina Vimukthi
Community contribution
Merged
Approved
updated
Dec 13, 2023
Updated Java LDAP injection rule to remove java.util.Properties.Put() sink
!255
· created
Dec 12, 2023
by
Chathumina Vimukthi
16.7
1st contribution
Community contribution
Merged
9
Approved
updated
May 27, 2024
Renamed and enhanced sast-rule java/script/rule-SpelExpressionParser.yml to include parseRaw.
!254
· created
Dec 12, 2023
by
Jayanaka Fonseka
16.7
1st contribution
Community contribution
devops
secure
group
vulnerability research
section
sec
Merged
13
Approved
updated
Dec 18, 2023
Issue-433061 Update java ModifyAfterValidation rule with new sinks
!246
· created
Dec 10, 2023
by
Lanka De Alwis
1st contribution
Community contribution
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
10
Approved
updated
Dec 13, 2023
Updated C# LDAP Injection rule
!209
· created
Sep 05, 2023
by
Jayanaka Fonseka
1st contribution
Community contribution
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
verdentra
workflow
in dev
Closed
7
0 of 1 Approvals
updated
Sep 15, 2023
Password complexity rule enhancement
!208
· created
Sep 05, 2023
by
Lanka De Alwis
1st contribution
Community contribution
devops
secure
group
static analysis
linked-issue
section
sec
type
feature
verdentra
workflow
in dev
Closed
15
0 of 1 Approvals
updated
Jan 16, 2024
Updated C# CSRF rule: exception for class level CSRF Attribute Scenario
!201
· created
Aug 28, 2023
by
Dinura Seneviratne
16.8
1st contribution
Community contribution
automation:author-reminded
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
verdentra
workflow
in dev
Closed
25
0 of 1 Approvals
updated
Jan 02, 2024
Updated C# CSRF rule: exception for class level CSRF Attribute Scenario
!200
· created
Aug 28, 2023
by
Dinura Seneviratne
1st contribution
Community contribution
workflow
in dev
Closed
2
0 of 1 Approvals
updated
Aug 28, 2023
Improve Go memory aliasing rule
!187
· created
Jul 04, 2023
by
tyage
1st contribution
Community contribution
bug
functional
devops
secure
group
vulnerability research
section
sec
type
bug
workflow
ready for review
Merged
11
Approved
updated
Jul 09, 2023
Check that pathtraversal checks are filesystem calls
!183
· created
Jun 22, 2023
by
Niklas Volcz
1st contribution
Community contribution
devops
secure
feature
addition
group
vulnerability research
section
sec
type
feature
workflow
in dev
Merged
11
1
Approved
updated
Jun 27, 2023
Resolve "False Positives with Go Rule "go/file_permissions/rule-mkdir" (gosec.301-1)"
!115
· created
Feb 01, 2023
by
Julian Thome
15.9
Community contribution
devops
secure
group
vulnerability research
sast-rule-refinement
section
sec
type
maintenance
Merged
4
1
Approved
updated
Feb 01, 2023
Draft: support C# DbBatch (since .NET 6.0)
!111
· created
Dec 28, 2022
by
Tomo Masakura
15.10
Community contribution
automation:author-reminded
devops
secure
feature
enhancement
group
vulnerability research
section
sec
type
feature
workflow
in dev
Closed
7
0 of 1 Approvals
updated
Apr 25, 2023
support oracle, postgres and mysql in .net
!107
· created
Dec 05, 2022
by
Tomo Masakura
15.7
1st contribution
Community contribution
Hackathon
devops
secure
feature
addition
group
vulnerability research
section
sec
type
feature
workflow
in dev
Merged
4
Approved
updated
Jan 10, 2023
not neccessary anti forgery by api controller
!103
· created
Nov 17, 2022
by
Tomo Masakura
15.7
1st contribution
Community contribution
automation:author-reminded
devops
secure
feature
addition
group
vulnerability research
section
sec
type
feature
workflow
in dev
Closed
11
0 of 1 Approvals
updated
Apr 25, 2023
Imported changes (Do not detect HttpDelete or HttpPut)
!100
· created
Oct 31, 2022
by
Julian Thome
15.6
1st contribution
Category:SAST
Community contribution
devops
secure
feature
enhancement
group
vulnerability research
section
sec
type
feature
Merged
4
Approved
updated
Dec 26, 2022
Prev
1
2
3
Next