CodeQL library for Python
codeql/python-all 0.6.4 (changelog, source)

Module Db

Import path

import semmle.python.web.django.Db

Imports

Sql

Provides classes and predicates to track external data that may represent malicious SQL queries or parts of queries.

python

Predicates

Classes

DjangoDbCursor

A taint kind representing a Django cursor object.

DjangoDbCursorSource

A kind of taint source representing sources of Django cursor objects.

DjangoRawSqlSink

A sink of taint on calls to django.db.models.expressions.RawSQL. This allows arbitrary SQL statements to be executed, which is a security risk.