CodeQL library for Java/Kotlin
codeql/java-all 0.8.12 (changelog, source)
Search

Module InsecureTrustManager

Provides classes and predicates to reason about insecure TrustManagers.

Import path

import semmle.code.java.security.InsecureTrustManager

Imports

java

Provides all default Java QL imports.

Classes

InsecureTrustManagerSink

The use of a TrustManager in an SSL context. Intentionally insecure connections are not considered sinks.

InsecureTrustManagerSource

The creation of an insecure TrustManager.