CodeQL library for Java/Kotlin
codeql/java-all 7.2.0 (changelog, source)

Module Xxe

Provides classes to reason about XML eXternal Entity (XXE) vulnerabilities.

Import path

import semmle.code.java.security.Xxe

Imports

java

Provides all default Java QL imports.

Classes

XxeAdditionalTaintStep

A unit class for adding additional taint steps.

XxeSanitizer

A node that acts as a sanitizer in configurations related to XXE vulnerabilities.

XxeSink

A node where insecure XML parsing takes place.