
Posts in: JavaScript

QL

Etherpad reflected file download: Vulnerability hunting with QL (CVE-2018-6835)

This blog post explains how QL can be used to discover so-called 'Reflected File Download' vulnerabilities in JavaScript applications. As an example, we look at CVE-2018-6835, which we recently found in the Etherpad collaborative editor.
March 29, 2018
NEWS

TypeScript support on LGTM

LGTM now supports TypeScript as part of its existing JavaScript analysis.
January 26, 2018
LGTM

Lodash vs Underscore: Dash of the titans

Lodash and Underscore are both prominent members of the top-10 of most-used JavaScript packages. This blog post investigates the popular belief that Lodash is becoming more popular at the expense of Underscore, and explores what could be behind the r…
October 26, 2017