Skip to content
GitLab
Next
Menu
Why GitLab
Pricing
Contact Sales
Explore
Why GitLab
Pricing
Contact Sales
Explore
Sign in
Get free trial
Open
11
Merged
515
Closed
123
All
649
Recent searches
{{ formattedKey }}
{{ title }}
{{ help }}
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
{{name}}
@{{username}}
None
Any
Upcoming
Started
{{title}}
None
Any
{{title}}
None
Any
{{title}}
None
Any
{{name}}
Yes
No
Yes
No
{{title}}
{{title}}
{{title}}
Created date
Updated BadHexConversion.yml to track taint into a loop
!289
· created
Jan 03, 2024
by
Chathumina Vimukthi
16.8
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
7
Approved
updated
Jan 18, 2024
Enhancement to python/deserialization/rule-pickle.yml
!288
· created
Jan 02, 2024
by
Nasir Devlani
16.9
1st contribution
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
11
Approved
updated
Feb 12, 2024
Update Saml ignore comments rule
!287
· created
Jan 02, 2024
by
Bhavya Kaushal
16.8
Category:SAST
Leading Organization
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
2
Approved
updated
Apr 15, 2024
Enhance sast-rule csharp/injection/rule-CommandInjection.yml
!286
· created
Jan 02, 2024
by
Lanka De Alwis
Community contribution
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
9
Approved
updated
Jan 15, 2024
Updated csharp/rule-csrf to account for usage of AutoValidateAntiforgeryToken
!285
· created
Jan 01, 2024
by
Dinura Seneviratne
1st contribution
devops
secure
feature
enhancement
group
vulnerability research
section
sec
type
feature
Merged
15
Approved
updated
Jan 24, 2024
Update Rule Wicket XSS
!284
· created
Jan 01, 2024
by
Bhavya Kaushal
Contractor Contribution
Leading Organization
linked-issue
Merged
1
Approved
updated
Apr 15, 2024
Updated rule-XpathInjection.yml
!283
· created
Dec 29, 2023
by
Chathumina Vimukthi
16.8
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
13
1
Approved
updated
Jan 11, 2024
Jackson deserialization rule
!282
· created
Dec 26, 2023
by
Bhavya Kaushal
16.9
Contractor Contribution
Leading Organization
devops
secure
feature
addition
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
9
Approved
updated
Apr 15, 2024
Update CookieInsecure rule and test - Added jakarta support
!281
· created
Dec 25, 2023
by
Bhavya Kaushal
16.8
Contractor Contribution
Leading Organization
devops
secure
group
vulnerability research
linked-issue
section
sec
Merged
3
Approved
updated
Apr 15, 2024
Updated the rule-TemplateInjection.yml
!280
· created
Dec 22, 2023
by
Chathumina Vimukthi
backend
devops
secure
group
vulnerability research
section
sec
type
maintenance
Closed
37
0 of 1 Approvals
updated
Jun 07, 2024
Update CSharp_endpoint_unvalidatedRedirect sanitizers and sink patterns
!279
· created
Dec 22, 2023
by
Lanka De Alwis
Community contribution
backend
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
17
Approved
updated
Jan 11, 2024
Updated the rule-hardcoded-sql-expression.yml to remove false positives
!278
· created
Dec 19, 2023
by
Chathumina Vimukthi
16.8
Community contribution
linked-issue
Merged
Approved
updated
Dec 19, 2023
CookieHTTPOnly - support for Jakarta
!277
· created
Dec 19, 2023
by
Bhavya Kaushal
Contractor Contribution
Leading Organization
devops
secure
feature
addition
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
3
Approved
updated
Apr 15, 2024
Remove java/xss/XSSReqParamToSendError rule and test file
!276
· created
Dec 19, 2023
by
Lanka De Alwis
Community contribution
devops
secure
group
vulnerability research
section
sec
Merged
5
Approved
updated
Jan 21, 2024
Fix autoformatter
!275
· created
Dec 18, 2023
by
Dinesh Bolkensteyn
devops
secure
group
vulnerability research
maintenance
workflow
section
sec
type
maintenance
Merged
Approved
updated
Dec 18, 2023
Update 'python/exec/rule-subprocess-popen-shell-true.yml' to fix false-positives
!274
· created
Dec 18, 2023
by
Dinesh Bolkensteyn
16.8
devops
secure
feature
enhancement
group
vulnerability research
section
sec
type
feature
Merged
4
Approved
updated
Dec 19, 2023
Update 'go/injection/rule-ssrf.yml' to remove false-positives
!273
· created
Dec 18, 2023
by
Dinesh Bolkensteyn
16.8
devops
secure
feature
enhancement
group
vulnerability research
section
sec
type
feature
Merged
1
Approved
updated
Dec 19, 2023
Update 'go/sql/rule-concat-sqli.yml' to cover more cases
!272
· created
Dec 18, 2023
by
Dinesh Bolkensteyn
16.8
devops
secure
feature
enhancement
group
vulnerability research
section
sec
type
feature
Merged
Approved
updated
Dec 18, 2023
Switch back to release object
!271
· created
Dec 18, 2023
by
Isaac Dawson
Merged
Approved
updated
Dec 18, 2023
Fix assets-link attempt 3
!270
· created
Dec 18, 2023
by
Isaac Dawson
Merged
Approved
updated
Dec 18, 2023
Prev
1
…
15
16
17
18
19
20
21
22
23
…
33
Next