CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.12 (changelog, source)
Search

Module IndirectCommandInjectionQuery

Provides a taint-tracking configuration for reasoning about command-injection vulnerabilities (CWE-078).

Import path

import semmle.javascript.security.dataflow.IndirectCommandInjectionQuery

Imports

IndirectCommandInjection
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

A taint-tracking configuration for reasoning about command-injection vulnerabilities.