CodeQL library for Java/Kotlin
codeql/java-all 5.0.1-dev (changelog, source)
Search

Module UnsafeCertTrust

Provides classes and predicates to reason about unsafe certificate trust vulnerablities.

Import path

import semmle.code.java.security.UnsafeCertTrust

Imports

java

Provides all default Java QL imports.

Classes

RabbitMQEnableHostnameVerificationNotSet

A call to a method that enables SSL (useSslProtocol or setSslContextFactory) on an instance of com.rabbitmq.client.ConnectionFactory that doesn’t set enableHostnameVerification.

SslConnectionCreation

A call to a method that establishes an SSL connection.

SslConnectionInit

The creation of an object that prepares an SSL connection.

SslUnsafeCertTrustSanitizer

An SSL object that correctly verifies hostnames, or doesn’t need to (for instance, because it’s a server).