CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.6.3 (changelog, source)
Index
Search

Module IndirectCommandInjectionQuery

Provides a taint-tracking configuration for reasoning about command-injection vulnerabilities (CWE-078).

Import path

import semmle.javascript.security.dataflow.IndirectCommandInjectionQuery

Imports

IndirectCommandInjection
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

DEPRECATED. Use the IndirectCommandInjectionFlow module instead.

Modules

IndirectCommandInjectionConfig

A taint-tracking configuration for reasoning about command-injection vulnerabilities.

Aliases

IndirectCommandInjectionFlow

Taint-tracking for reasoning about command-injection vulnerabilities.