CodeQL library for Java/Kotlin
codeql/java-all 7.8.3-dev (changelog, source)
Index
Search

Module SpelInjectionQuery

Provides taint tracking and dataflow configurations to be used in SpEL injection queries.

Import path

import semmle.code.java.security.SpelInjectionQuery

Imports

java

Provides all default Java QL imports.

Modules

SpelInjectionConfig

A taint-tracking configuration for unsafe user input that is used to construct and evaluate a SpEL expression.

Aliases

SpelInjectionFlow

Tracks flow of unsafe user input that is used to construct and evaluate a SpEL expression.