Skip to content

code security test#323

Open
msslulu wants to merge 4 commits into
opentiny:developfrom
msslulu:feat/codeSecurity-test
Open

code security test#323
msslulu wants to merge 4 commits into
opentiny:developfrom
msslulu:feat/codeSecurity-test

fix:codeQL

21c106b
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL failed Jul 8, 2026 in 3s

8 new alerts including 2 critical severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 2 critical
  • 2 high
  • 4 medium

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 27 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java

See this annotation in the file changed.

Code scanning / CodeQL

Query built from user-controlled sources High test

This query depends on a
user-provided value
.

Check failure on line 42 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled command line Critical test

This command line depends on a
user-provided value
.

Check failure on line 57 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java

See this annotation in the file changed.

Code scanning / CodeQL

Server-side request forgery Critical test

Potential server-side request forgery due to a
user-provided value
.

Check failure on line 80 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High test

This path depends on a
user-provided value
.

Check warning on line 31 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java

See this annotation in the file changed.

Code scanning / CodeQL

Information exposure through an error message Medium test

Error information
can be exposed to an external user.

Check warning on line 46 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java

See this annotation in the file changed.

Code scanning / CodeQL

Information exposure through an error message Medium test

Error information
can be exposed to an external user.

Check warning on line 61 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java

See this annotation in the file changed.

Code scanning / CodeQL

Information exposure through an error message Medium test

Error information
can be exposed to an external user.

Check warning on line 84 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java

See this annotation in the file changed.

Code scanning / CodeQL

Information exposure through an error message Medium test

Error information
can be exposed to an external user.