-
Notifications
You must be signed in to change notification settings - Fork 474
Issues: find-sec-bugs/find-sec-bugs
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Some missing CWEs for BugPatterns in findsecbugs-plugin/src/main/resources/metadata/findbugs.xml
#742
opened Sep 26, 2024 by
davewichers
False Positive: XXE_SCHEMA_FACTORY detector does not account for setting properties in separate method
false-positive
Something that should not report.
#738
opened Jun 10, 2024 by
javanegmond
How do I use the command line arguments passed in by spotbugs in findsecbugs
#737
opened Jun 6, 2024 by
sjlx12345
Cannot build find-sec-bugs from local, CrlfLogInjectionDetectorTest fail
#736
opened May 31, 2024 by
bsellier
Add support for JSR305 @Detainted / @Tainted / @Untainted in the taint analysis
#735
opened May 3, 2024 by
gehel
Update website with new version
description
Something related to the description reported.
#733
opened Apr 29, 2024 by
ClaudioConsolmagno
Getting "Hard coded password found here" exception where (IMHO) it shouldn't
#731
opened Mar 5, 2024 by
sliric
Wrapper SQL sink method triggers SQL injection detection
false-positive
Something that should not report.
#722
opened Jan 23, 2024 by
jim-bentler
Mark java.sql.Statement enquoteIdentifer, enquoteLiteral, and enquoteNCharLiteral SQL_INJECTION_SAFE
false-positive
Something that should not report.
good first issue
#721
opened Jan 23, 2024 by
jim-bentler
Replace jwgmeligmeyling/spotbugs-github-action
internal
Related to FSB internal testing, build or other tooling.
#720
opened Jan 10, 2024 by
h3xstream
Inconsistency in HTTP_RESPONSE_SPLITTING Rule: Discrepancy in Violation Reporting with Nested Class
false-negative
Something that we have miss.
#719
opened Dec 22, 2023 by
soyodream
Inconsistency in SQL_INJECTION_JPA Rule: Discrepancy in Violation Reporting with Nested Class
false-negative
Something that we have miss.
#718
opened Dec 18, 2023 by
soyodream
Feasiblity of transferring this to spotbugs organization
question
Questions on how to use FSB or about its capabilities.
#717
opened Dec 16, 2023 by
hazendaz
Inconsistency in COMMAND_INJECTION Rule: Discrepancy in Violation Reporting with Nested Class
false-negative
Something that we have miss.
#716
opened Dec 14, 2023 by
soyodream
False Negative: String concatenation with char should not consider char to be SAFE
#711
opened Aug 17, 2023 by
jbindel
Mark sources of Possible JDBC injection as safe
enhancement
New feature or improvement to existing detector.
good first issue
#709
opened Jun 27, 2023 by
apetrelli
IMPROPER_UNICODE rule does not find
equalsIgnoreCase usage when used as method reference
#708
opened Jun 26, 2023 by
Vampire
Previous Next
ProTip!
Mix and match filters to narrow down what you’re looking for.