CodeQL library for JavaScript
Search

Module ZipSlipQuery

Provides a taint tracking configuration for reasoning about unsafe zip and tar archive extraction.

Note, for performance reasons: only import this file if ZipSlip::Configuration is needed, otherwise ZipSlipCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.ZipSlipQuery

Imports

ZipSlip
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

A taint tracking configuration for unsafe archive extraction.