Module XmlBomb
Import path
import semmle.javascript.security.dataflow.XmlBombCustomizations
Classes
LocationAsSource | An access to |
RemoteFlowSourceAsSource | DEPRECATED: Use |
Sanitizer | A sanitizer for XML-bomb vulnerabilities. |
Sink | A data flow sink for XML-bomb vulnerabilities. |
Source | A data flow source for XML-bomb vulnerabilities. |
XmlParsingWithEntityResolution | A call to an XML parser that performs internal entity expansion, viewed as a data flow sink for XML-bomb vulnerabilities. |