Module IndirectCommandInjection
Import path
import semmle.javascript.security.dataflow.IndirectCommandInjectionCustomizations
Predicates
argsParseStep | Holds if there is a command line parsing step from |
Classes
CommandLineArgumentsArray | An array of command-line arguments. |
ParsedCommandLineArgumentsAsSource | An object containing parsed command-line arguments, considered as a flow source for command injection. |
Sanitizer | A sanitizer for command-injection vulnerabilities. |
Sink | A data flow sink for command-injection vulnerabilities. |
Source | A data flow source for command-injection vulnerabilities. |
YargsArgv | An array of command line arguments ( |