CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.2.2-dev (changelog, source)
Index
Search

Module PrototypePollution

Import path

import semmle.javascript.security.dataflow.PrototypePollutionCustomizations

Imports

CommonFlowState

Contains a class with flow states that are used by multiple queries.

Predicates

isVulnerableDeepExtendCallAllVersions

Holds if call comes from a package named id and is vulnerable to prototype pollution in every version of that package.

isVulnerableVersionOfDeepExtendCall

Holds if call is vulnerable to prototype pollution because the callee is defined by dep.

Classes

DeepExtendSink
Sink

A data flow sink for prototype pollution.

Source

A data flow source for prototype pollution.

TaintedObjectWrapper

DEPRECATED. This flow label is no longer in use, and there is no corresponding flow state, as the query instead relies on implicit reads at the sinks.

Modules

TaintedObjectWrapper

DEPRECATED. Use FlowState::taintedObjectWrapper() instead.