CodeQL library for Java/Kotlin
codeql/java-all 5.0.1-dev (changelog, source)
Search

Module OgnlInjectionQuery

Provides taint tracking configurations to be used in OGNL injection queries.

Import path

import semmle.code.java.security.OgnlInjectionQuery

Imports

FlowSources

Provides classes representing various flow sources for taint tracking.

OgnlInjection

Provides classes to reason about OGNL injection vulnerabilities.

java

Provides all default Java QL imports.

Modules

OgnlInjectionFlowConfig

A taint-tracking configuration for unvalidated user input that is used in OGNL EL evaluation.

Aliases

OgnlInjectionFlow

Tracks flow of unvalidated user input that is used in OGNL EL evaluation.