CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.0.2 (changelog, source)
Search

Module InsufficientPasswordHash

Import path

import semmle.javascript.security.dataflow.InsufficientPasswordHashCustomizations

Classes

CleartextPasswordSource

A potential clear-text password, considered as a source for password hashing with insufficient computational effort.

InsufficientPasswordHashAlgorithm

An expression used by a cryptographic algorithm that is not suitable for password hashing.

Sanitizer

A sanitizer for password hashing with insufficient computational effort.

Sink

A data flow sink for password hashing with insufficient computational effort.

Source

A data flow source for password hashing with insufficient computational effort.