Module InsecureBeanValidationQuery
Provides classes and a taint tracking configuration to reason about insecure bean validation.
Import path
import semmle.code.java.security.InsecureBeanValidationQueryImports
| FlowSources | Provides classes representing various flow sources for taint tracking. |
| TaintTracking | Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses. |
| java | Provides all default Java QL imports. |
Classes
| SetMessageInterpolatorCall | A method call that sets the application’s default message interpolator. |
Modules
| BeanValidationConfig | Taint tracking BeanValidationConfiguration describing the flow of data from user input to the argument of a method that builds constraint error messages. |
Aliases
| BeanValidationFlow | Tracks flow from user input to the argument of a method that builds constraint error messages. |