- Added a new query,
java/android/incomplete-provider-permissions, to detect if an Android ContentProvider is not protected with a correct set of permissions. - A new query "Uncontrolled data used in content resolution" (
java/androd/unsafe-content-uri-resolution) has been added. This query finds paths from user-provided data to URI resolution operations in Android'sContentResolverwithout previous validation or sanitization.