Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Add CVE-2018-2380 to comments of rules #1267
Thank you for the PR, @franbuehler. This looks very good. I wonder if we really want to add so many notes for all CVEs, but given this is part of an issue, let's merge these and then discuss things for the future. After all, Java injection is something we want to improve and these notes underline this.
Question: Would it make sense to create tests for each CVE, so we are sure the notes will be true in the future when we change the regexes?