CodeQL library for Python
codeql/python-all 0.6.4 (changelog, source)
Search

Module CleartextLogging

Provides default sources, sinks and sanitizers for detecting “Clear-text logging of sensitive information” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.CleartextLoggingCustomizations

Classes

LoggingAsSink

A piece of data logged, considered as a flow sink.

PrintedDataAsSink

A piece of data printed, considered as a flow sink.

Sanitizer

A sanitizer for “Clear-text logging of sensitive information” vulnerabilities.

SensitiveDataSourceAsSource

A source of sensitive data, considered as a flow source.

Sink

A data flow sink for “Clear-text logging of sensitive information” vulnerabilities.

Source

A data flow source for “Clear-text logging of sensitive information” vulnerabilities.