Module UnsafeCertTrust

Provides classes and predicates to reason about unsafe certificate trust vulnerablities.

Import path

import semmle.code.java.security.UnsafeCertTrust

java	Provides all default Java QL imports.

RabbitMQEnableHostnameVerificationNotSet	A call to a method that enables SSL (`useSslProtocol` or `setSslContextFactory`) on an instance of `com.rabbitmq.client.ConnectionFactory` that doesn’t set `enableHostnameVerification`.
SslConnectionCreation	A call to a method that establishes an SSL connection.
SslConnectionInit	The creation of an object that prepares an SSL connection.
SslUnsafeCertTrustSanitizer	An SSL object that correctly verifies hostnames, or doesn’t need to (for instance, because it’s a server).