CodeQL library for Java/Kotlin
codeql/java-all 0.9.0 (changelog, source)
Index
Search

Module TemplateInjectionQuery

Provides a taint tracking configuration for server-side template injection (SST) vulnerabilities

Import path

import semmle.code.java.security.TemplateInjectionQuery

Imports

FlowSources

Provides classes representing various flow sources for taint tracking.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

TemplateInjection

Definitions related to the server-side template injection (SST) query.

java

Provides all default Java QL imports.

Classes

TemplateInjectionFlowConfig

DEPRECATED: Use TemplateInjectionFlow instead.

Modules

TemplateInjectionFlowConfig

A taint tracking configuration to reason about server-side template injection (SST) vulnerabilities

Aliases

TemplateInjectionFlow

Tracks server-side template injection (SST) vulnerabilities