- The `@security-severity` metadata of `cpp/cgi-xss` has been increased from 6.1 (medium) to 7.8 (high).
- The "Extraction warnings" (`cpp/diagnostics/extraction-warnings`) diagnostics query no longer yields `ExtractionRecoverableWarning`s for `build-mode: none` databases. The results were found to significantly increase the sizes of the produced SARIF files, making them unprocessable in some cases.
- Fixed an issue with the "Suspicious add with sizeof" (`cpp/suspicious-add-sizeof`) query causing false positive results in `build-mode: none` databases.
- Fixed an issue with the "Uncontrolled format string" (`cpp/tainted-format-string`) query involving certain kinds of formatting function implementations.
- Fixed an issue with the "Wrong type of arguments to formatting function" (`cpp/wrong-type-format-argument`) query causing false positive results in `build-mode: none` databases.
- Fixed an issue with the "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query causing false positive results in `build-mode: none` databases.