CodeQL library for Python
codeql/python-all 0.9.2 ( changelog , source )
Index
Search

Module Pickle

Provides class and predicates to track external data that may represent malicious pickles.

This module is intended to be imported into a taint-tracking query to extend TaintKind and TaintSink.

Import path

import semmle.python.security.injection.Pickle

Imports

Deserialization
TaintTracking
Untrusted
python

Classes

UnpicklingNode

pickle.loads(untrusted) vulnerability.