Skip to content

Issues: semgrep/semgrep-rules

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
31 Open 178 Closed
31 Open 178 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

gcp-sql-database-require-ssl requires setting removed require_ssl property bug Something isn't working
#3505 opened Oct 30, 2024 by KamilaBorowska
1 of 3 tasks
terraform.aws.best-practice.aws-s3-bucket-versioning-not-enabled.aws-s3-bucket-versioning-not-enabled has false positive on v5+ of the Terraform provider for AWS bug Something isn't working
#3497 opened Oct 24, 2024 by nint8835
1 of 3 tasks
[Regression] unquoted-command-substitution-in-command & unquoted-variable-expansion-in-command [BASH] causes semgrep CRASH bug Something isn't working
#3449 opened Aug 12, 2024 by mjnowen
1 of 3 tasks
1
dockerfile.security.missing-user has a false positive related to HEALTHCHECK CMD bug Something isn't working
#3436 opened Jul 25, 2024 by saghaulor
1 of 3 tasks
1
2
Editor logs out after removing - id line from the rule. bug Something isn't working
#3413 opened Jun 23, 2024 by or-akl
ruby dangerous-exec rule did not report dangerous usages properly bug Something isn't working
#3396 opened Jun 7, 2024 by JazJas
1 task
False positives in storage-queue-services-logging for Azure Storage Accounts that don't use a storage queue bug Something isn't working
#3383 opened May 9, 2024 by thombrj
1 of 3 tasks
php.lang.security.injection.tainted-sql-string does not detect SQL statement with newline bug Something isn't working
#3376 opened May 7, 2024 by Sjord
Semgrep rules javascript express vm2 misses real vuln. code bug Something isn't working
#3350 opened Apr 10, 2024 by OrenGitHub
1
Duplicate rules for Slack webhook URL bug Something isn't working
#3345 opened Mar 28, 2024 by Sjord
2
False Positive javascript.express_xss bug Something isn't working
#3339 opened Mar 12, 2024 by aviramshm
1 task
False positives in gorm-hardcoded-secret and gorm-empty-password bug Something isn't working
#3316 opened Mar 4, 2024 by lfama
1 of 3 tasks
False positive in java.lang.security.system.system-setproperty-hardcoded-secret bug Something isn't working
#3312 opened Feb 23, 2024 by Sjord
java/jax-rs/security/insecure-resteasy.yaml no longer relevant? bug Something isn't working
#3294 opened Jan 29, 2024 by JLLeitschuh
1 of 3 tasks
False positive on unquoted-attribute-var for Angular bug Something isn't working
#3205 opened Oct 31, 2023 by Sjord
1
Issue with detect-child-process rule bug Something isn't working
#3105 opened Sep 11, 2023 by joshbouncesecurity
1 of 3 tasks
detected-twitter-oauth rule triggers on minimized CSS files bug Something isn't working
#3104 opened Sep 11, 2023 by mtausig
1 of 3 tasks
@0xDC0DE
False positive in javascript.lang.correctness.useless-assign.useless-assignment bug Something isn't working
#3036 opened Aug 10, 2023 by Sjord
1
c/lang/security/double-free.yaml false positive bug Something isn't working
#2995 opened Jul 4, 2023 by kostya253
1 task
Ruby check-unsafe-reflection-methods false positive for "some_value.tap" bug Something isn't working
#2915 opened May 11, 2023 by nightpool
1 task done
1
Express "tainted-sql-injection" is too broad in the strings it matches bug Something isn't working
#2898 opened May 1, 2023 by ollien
1 of 3 tasks
2
JavaScript rule useless-assign reports false positive with require and object destructuring bug Something isn't working lang:javascript lang:typescript priority:low
#2862 opened Apr 9, 2023 by aarongoldenthal
1 of 3 tasks
1
Remove inferior OWASP XXE DocumentBuilderFactory rules / Add SAXParserFactory bug Something isn't working priority:low
#2848 opened Apr 4, 2023 by coheigea
4
HTML rules should scan HTML templates with different extensions bug Something isn't working enhancement New feature or request
#2508 opened Oct 28, 2022 by Sjord
1
python/lang/security/audit/insecure-transport/requests/request-with-http.yaml does not filter localhost URLs blocked bug Something isn't working
#2461 opened Oct 10, 2022 by clintgibler
1 of 3 tasks
@minusworld
1
ProTip! Mix and match filters to narrow down what you’re looking for.