Skip to content

Issues: github/codeql

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
82 Open 70 Closed
82 Open 70 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Missing code injection TP in JavaScript rule acknowledged GitHub staff acknowledges this issue JS question Further information is requested
#18979 opened Mar 11, 2025 by Anemone95
3
RegExpInjection takes 6 hours to scan the TypeScript repo after 2.20.2 acknowledged GitHub staff acknowledges this issue
#18584 opened Jan 24, 2025 by jakebailey
5
codeql resolve qlpacks is reporting errors for duplicated packs from different languages even though it is not a problem acknowledged GitHub staff acknowledges this issue CLI
#17059 opened Jul 24, 2024 by RobbingDaHood
8
False positive - A secret detected in a go context causes codeql to think all context values are secret acknowledged GitHub staff acknowledges this issue false-positive Go
#16486 opened May 14, 2024 by Jamstah
3
Ruby: ERB parse failure with trailing implicit keyword argument acknowledged GitHub staff acknowledges this issue bug Something isn't working Ruby
#16006 opened Mar 21, 2024 by aibaars
1
Java: Taint flows backwards for array element acknowledged GitHub staff acknowledges this issue bug Something isn't working
#15321 opened Jan 15, 2024 by Marcono1234
5
False positive - cs/unused-reftype - C# acknowledged GitHub staff acknowledges this issue C# false-positive not security This issue does not relate to a security query
#15278 opened Jan 10, 2024 by paoloverdini97
1
C#: False positive acknowledged GitHub staff acknowledges this issue C# false-positive
#15253 opened Jan 8, 2024 by dmeierotto
1
General issue Python:Unable to recognize calling a method through an instance member of a class acknowledged GitHub staff acknowledges this issue Python question Further information is requested
#14899 opened Nov 23, 2023 by luke10481
6
Python : Unable to follow taint through indirect calls acknowledged GitHub staff acknowledges this issue Python question Further information is requested
#14842 opened Nov 20, 2023 by R3x
@RasmusWL
4
False positive: Static field written by instance method by Interlocked API acknowledged GitHub staff acknowledges this issue C# false-positive not security This issue does not relate to a security query
#14840 opened Nov 18, 2023 by sungam3r
1
False positive: Missed 'readonly' opportunity for field used by Interlocked API acknowledged GitHub staff acknowledges this issue C# false-positive not security This issue does not relate to a security query
#14839 opened Nov 18, 2023 by sungam3r
1
False positive - Ruby on Rails: SQL query built from user-controlled sources acknowledged GitHub staff acknowledges this issue false-positive Ruby
#14546 opened Oct 19, 2023 by kostyanf14
2
Does C++ extractor support to process code with unity build? acknowledged GitHub staff acknowledges this issue question Further information is requested
#14479 opened Oct 12, 2023 by nautaa
15
False positive - Unused static function acknowledged GitHub staff acknowledges this issue false-positive
#14371 opened Oct 4, 2023 by andyhhp
1
Certain syntaxes in ruby cause extraction errors acknowledged GitHub staff acknowledges this issue question Further information is requested Ruby
#14279 opened Sep 21, 2023 by wonda-tea-coffee
2
False positive - when json.Marshal output is used - cant result in "Potentially unsafe quoting" acknowledged GitHub staff acknowledges this issue false-positive Go
#14159 opened Sep 7, 2023 by davidhadas
3
C# False Positive Suggestion PathBase acknowledged GitHub staff acknowledges this issue C# false-positive
#13709 opened Jul 11, 2023 by Kwstubbs
1
FP in C# XSS Sink acknowledged GitHub staff acknowledges this issue C# false-positive
#13707 opened Jul 10, 2023 by Kwstubbs
mvnw issue acknowledged GitHub staff acknowledges this issue bug Something isn't working Java
#13435 opened Jun 12, 2023 by am0o0
5
CodeQL CLI may be slow to run when the codeql.zip is extracted at $HOME acknowledged GitHub staff acknowledges this issue question Further information is requested
#13208 opened May 17, 2023 by ghost
1
cpp/missing-check-scanf: False positive acknowledged GitHub staff acknowledges this issue C++ false-positive
#12412 opened Mar 6, 2023 by ryao
2
False positive - cpp/constant-comparison acknowledged GitHub staff acknowledges this issue C++ false-positive
#12399 opened Mar 4, 2023 by ryao
2
Explanation of ”Comparison result is always the same“ in PR is technically correct, but unclear acknowledged GitHub staff acknowledges this issue C++ question Further information is requested
#11744 opened Dec 19, 2022 by ryao
3
False positives - cpp/unbounded-write acknowledged GitHub staff acknowledges this issue C++ false-positive
#11557 opened Dec 4, 2022 by ryao
3
ProTip! no:milestone will show everything without a milestone.