mirror of
https://github.com/github/codeql.git
synced 2026-04-29 02:35:15 +02:00
Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-2019-03-19
This commit is contained in:
Max Schaefer
@@ -183,7 +183,7 @@ public class TokenType {
|
||||
_class = new TokenType(kw("class")),
|
||||
_extends = new TokenType(kw("extends").beforeExpr()),
|
||||
_export = new TokenType(kw("export")),
|
||||
_import = new TokenType(kw("import")),
|
||||
_import = new TokenType(kw("import").startsExpr()),
|
||||
_null = new TokenType(kw("null").startsExpr()),
|
||||
_true = new TokenType(kw("true").startsExpr()),
|
||||
_false = new TokenType(kw("false").startsExpr()),
|
||||
|
||||
@@ -37,7 +37,7 @@ public class Main {
|
||||
* A version identifier that should be updated every time the extractor changes in such a way that
|
||||
* it may produce different tuples for the same file under the same {@link ExtractorConfig}.
|
||||
*/
|
||||
public static final String EXTRACTOR_VERSION = "2019-03-11";
|
||||
public static final String EXTRACTOR_VERSION = "2019-03-13";
|
||||
|
||||
public static final Pattern NEWLINE = Pattern.compile("\n");
|
||||
|
||||
|
||||
3
javascript/extractor/tests/esnext/input/yield-import.js
Normal file
3
javascript/extractor/tests/esnext/input/yield-import.js
Normal file
@@ -0,0 +1,3 @@
|
||||
function* f() {
|
||||
yield import("foo")
|
||||
}
|
||||
@@ -0,0 +1,177 @@
|
||||
#10000=@"/yield-import.js;sourcefile"
|
||||
files(#10000,"/yield-import.js","yield-import","js",0)
|
||||
#10001=@"/;folder"
|
||||
folders(#10001,"/","")
|
||||
containerparent(#10001,#10000)
|
||||
#10002=@"loc,{#10000},0,0,0,0"
|
||||
locations_default(#10002,#10000,0,0,0,0)
|
||||
hasLocation(#10000,#10002)
|
||||
#20000=@"global_scope"
|
||||
scopes(#20000,0)
|
||||
#20001=@"script;{#10000},1,1"
|
||||
#20002=*
|
||||
lines(#20002,#20001,"function* f() {","
|
||||
")
|
||||
#20003=@"loc,{#10000},1,1,1,15"
|
||||
locations_default(#20003,#10000,1,1,1,15)
|
||||
hasLocation(#20002,#20003)
|
||||
#20004=*
|
||||
lines(#20004,#20001," yield import(""foo"")","
|
||||
")
|
||||
#20005=@"loc,{#10000},2,1,2,21"
|
||||
locations_default(#20005,#10000,2,1,2,21)
|
||||
hasLocation(#20004,#20005)
|
||||
indentation(#10000,2," ",2)
|
||||
#20006=*
|
||||
lines(#20006,#20001,"}","
|
||||
")
|
||||
#20007=@"loc,{#10000},3,1,3,1"
|
||||
locations_default(#20007,#10000,3,1,3,1)
|
||||
hasLocation(#20006,#20007)
|
||||
numlines(#20001,3,3,0)
|
||||
#20008=*
|
||||
tokeninfo(#20008,7,#20001,0,"function")
|
||||
#20009=@"loc,{#10000},1,1,1,8"
|
||||
locations_default(#20009,#10000,1,1,1,8)
|
||||
hasLocation(#20008,#20009)
|
||||
#20010=*
|
||||
tokeninfo(#20010,8,#20001,1,"*")
|
||||
#20011=@"loc,{#10000},1,9,1,9"
|
||||
locations_default(#20011,#10000,1,9,1,9)
|
||||
hasLocation(#20010,#20011)
|
||||
#20012=*
|
||||
tokeninfo(#20012,6,#20001,2,"f")
|
||||
#20013=@"loc,{#10000},1,11,1,11"
|
||||
locations_default(#20013,#10000,1,11,1,11)
|
||||
hasLocation(#20012,#20013)
|
||||
#20014=*
|
||||
tokeninfo(#20014,8,#20001,3,"(")
|
||||
#20015=@"loc,{#10000},1,12,1,12"
|
||||
locations_default(#20015,#10000,1,12,1,12)
|
||||
hasLocation(#20014,#20015)
|
||||
#20016=*
|
||||
tokeninfo(#20016,8,#20001,4,")")
|
||||
#20017=@"loc,{#10000},1,13,1,13"
|
||||
locations_default(#20017,#10000,1,13,1,13)
|
||||
hasLocation(#20016,#20017)
|
||||
#20018=*
|
||||
tokeninfo(#20018,8,#20001,5,"{")
|
||||
#20019=@"loc,{#10000},1,15,1,15"
|
||||
locations_default(#20019,#10000,1,15,1,15)
|
||||
hasLocation(#20018,#20019)
|
||||
#20020=*
|
||||
tokeninfo(#20020,7,#20001,6,"yield")
|
||||
#20021=@"loc,{#10000},2,3,2,7"
|
||||
locations_default(#20021,#10000,2,3,2,7)
|
||||
hasLocation(#20020,#20021)
|
||||
#20022=*
|
||||
tokeninfo(#20022,7,#20001,7,"import")
|
||||
#20023=@"loc,{#10000},2,9,2,14"
|
||||
locations_default(#20023,#10000,2,9,2,14)
|
||||
hasLocation(#20022,#20023)
|
||||
#20024=*
|
||||
tokeninfo(#20024,8,#20001,8,"(")
|
||||
#20025=@"loc,{#10000},2,15,2,15"
|
||||
locations_default(#20025,#10000,2,15,2,15)
|
||||
hasLocation(#20024,#20025)
|
||||
#20026=*
|
||||
tokeninfo(#20026,4,#20001,9,"""foo""")
|
||||
#20027=@"loc,{#10000},2,16,2,20"
|
||||
locations_default(#20027,#10000,2,16,2,20)
|
||||
hasLocation(#20026,#20027)
|
||||
#20028=*
|
||||
tokeninfo(#20028,8,#20001,10,")")
|
||||
#20029=@"loc,{#10000},2,21,2,21"
|
||||
locations_default(#20029,#10000,2,21,2,21)
|
||||
hasLocation(#20028,#20029)
|
||||
#20030=*
|
||||
tokeninfo(#20030,8,#20001,11,"}")
|
||||
hasLocation(#20030,#20007)
|
||||
#20031=*
|
||||
tokeninfo(#20031,0,#20001,12,"")
|
||||
#20032=@"loc,{#10000},4,1,4,0"
|
||||
locations_default(#20032,#10000,4,1,4,0)
|
||||
hasLocation(#20031,#20032)
|
||||
toplevels(#20001,0)
|
||||
#20033=@"loc,{#10000},1,1,4,0"
|
||||
locations_default(#20033,#10000,1,1,4,0)
|
||||
hasLocation(#20001,#20033)
|
||||
#20034=@"var;{f};{#20000}"
|
||||
variables(#20034,"f",#20000)
|
||||
#20035=*
|
||||
stmts(#20035,17,#20001,0,"functio ... foo"")\n}")
|
||||
#20036=@"loc,{#10000},1,1,3,1"
|
||||
locations_default(#20036,#10000,1,1,3,1)
|
||||
hasLocation(#20035,#20036)
|
||||
stmtContainers(#20035,#20001)
|
||||
#20037=*
|
||||
exprs(#20037,78,#20035,-1,"f")
|
||||
hasLocation(#20037,#20013)
|
||||
exprContainers(#20037,#20035)
|
||||
literals("f","f",#20037)
|
||||
decl(#20037,#20034)
|
||||
#20038=*
|
||||
scopes(#20038,1)
|
||||
scopenodes(#20035,#20038)
|
||||
scopenesting(#20038,#20000)
|
||||
#20039=@"var;{arguments};{#20038}"
|
||||
variables(#20039,"arguments",#20038)
|
||||
isArgumentsObject(#20039)
|
||||
isGenerator(#20035)
|
||||
#20040=*
|
||||
stmts(#20040,1,#20035,-2,"{\n yie ... foo"")\n}")
|
||||
#20041=@"loc,{#10000},1,15,3,1"
|
||||
locations_default(#20041,#10000,1,15,3,1)
|
||||
hasLocation(#20040,#20041)
|
||||
stmtContainers(#20040,#20035)
|
||||
#20042=*
|
||||
stmts(#20042,2,#20040,0,"yield import(""foo"")")
|
||||
#20043=@"loc,{#10000},2,3,2,21"
|
||||
locations_default(#20043,#10000,2,3,2,21)
|
||||
hasLocation(#20042,#20043)
|
||||
stmtContainers(#20042,#20035)
|
||||
#20044=*
|
||||
exprs(#20044,69,#20042,0,"yield import(""foo"")")
|
||||
hasLocation(#20044,#20043)
|
||||
enclosingStmt(#20044,#20042)
|
||||
exprContainers(#20044,#20035)
|
||||
#20045=*
|
||||
exprs(#20045,99,#20044,0,"import(""foo"")")
|
||||
#20046=@"loc,{#10000},2,9,2,21"
|
||||
locations_default(#20046,#10000,2,9,2,21)
|
||||
hasLocation(#20045,#20046)
|
||||
enclosingStmt(#20045,#20042)
|
||||
exprContainers(#20045,#20035)
|
||||
#20047=*
|
||||
exprs(#20047,4,#20045,0,"""foo""")
|
||||
hasLocation(#20047,#20027)
|
||||
enclosingStmt(#20047,#20042)
|
||||
exprContainers(#20047,#20035)
|
||||
literals("foo","""foo""",#20047)
|
||||
#20048=*
|
||||
entry_cfg_node(#20048,#20001)
|
||||
#20049=@"loc,{#10000},1,1,1,0"
|
||||
locations_default(#20049,#10000,1,1,1,0)
|
||||
hasLocation(#20048,#20049)
|
||||
#20050=*
|
||||
exit_cfg_node(#20050,#20001)
|
||||
hasLocation(#20050,#20032)
|
||||
successor(#20035,#20050)
|
||||
#20051=*
|
||||
entry_cfg_node(#20051,#20035)
|
||||
hasLocation(#20051,#20049)
|
||||
#20052=*
|
||||
exit_cfg_node(#20052,#20035)
|
||||
#20053=@"loc,{#10000},3,2,3,1"
|
||||
locations_default(#20053,#10000,3,2,3,1)
|
||||
hasLocation(#20052,#20053)
|
||||
successor(#20040,#20042)
|
||||
successor(#20042,#20047)
|
||||
successor(#20047,#20045)
|
||||
successor(#20045,#20044)
|
||||
successor(#20044,#20052)
|
||||
successor(#20051,#20040)
|
||||
successor(#20037,#20035)
|
||||
successor(#20048,#20037)
|
||||
numlines(#10000,3,3,0)
|
||||
filetype(#10000,"javascript")
|
||||
@@ -6,7 +6,7 @@
|
||||
* @kind path-problem
|
||||
* @id js/zipslip
|
||||
* @problem.severity error
|
||||
* @precision medium
|
||||
* @precision high
|
||||
* @tags security
|
||||
* external/cwe/cwe-022
|
||||
*/
|
||||
|
||||
@@ -1,34 +1,25 @@
|
||||
/**
|
||||
* Imports the standard library and all taint-tracking configuration classes from the security queries.
|
||||
* Imports the standard library and a selection of taint-tracking configuration classes
|
||||
* from the security queries.
|
||||
*
|
||||
* To enable flow summarization for other queries, import their configuration classes here.
|
||||
*/
|
||||
|
||||
import javascript
|
||||
import semmle.javascript.security.dataflow.BrokenCryptoAlgorithm
|
||||
import semmle.javascript.security.dataflow.CleartextLogging
|
||||
import semmle.javascript.security.dataflow.CleartextStorage
|
||||
import semmle.javascript.security.dataflow.ClientSideUrlRedirect
|
||||
import semmle.javascript.security.dataflow.CodeInjection
|
||||
import semmle.javascript.security.dataflow.CommandInjection
|
||||
import semmle.javascript.security.dataflow.ConditionalBypass
|
||||
import semmle.javascript.security.dataflow.CorsMisconfigurationForCredentials
|
||||
import semmle.javascript.security.dataflow.DifferentKindsComparisonBypass
|
||||
import semmle.javascript.security.dataflow.DomBasedXss as DomBasedXss
|
||||
import semmle.javascript.security.dataflow.FileAccessToHttp
|
||||
import semmle.javascript.security.dataflow.HardcodedCredentials
|
||||
import semmle.javascript.security.dataflow.InsecureRandomness
|
||||
import semmle.javascript.security.dataflow.InsufficientPasswordHash
|
||||
import semmle.javascript.security.dataflow.NosqlInjection
|
||||
import semmle.javascript.security.dataflow.ReflectedXss as ReflectedXss
|
||||
import semmle.javascript.security.dataflow.RegExpInjection
|
||||
import semmle.javascript.security.dataflow.RemotePropertyInjection
|
||||
import semmle.javascript.security.dataflow.RequestForgery
|
||||
import semmle.javascript.security.dataflow.ServerSideUrlRedirect
|
||||
import semmle.javascript.security.dataflow.SqlInjection
|
||||
import semmle.javascript.security.dataflow.StackTraceExposure
|
||||
import semmle.javascript.security.dataflow.StoredXss as StoredXss
|
||||
import semmle.javascript.security.dataflow.TaintedFormatString
|
||||
import semmle.javascript.security.dataflow.TaintedPath
|
||||
import semmle.javascript.security.dataflow.TypeConfusionThroughParameterTampering
|
||||
import semmle.javascript.security.dataflow.UnsafeDeserialization
|
||||
import semmle.javascript.security.dataflow.XmlBomb
|
||||
import semmle.javascript.security.dataflow.XpathInjection
|
||||
|
||||
@@ -570,10 +570,24 @@ private predicate reachableFromInput(
|
||||
callInputStep(f, invk, input, nd, cfg) and
|
||||
summary = PathSummary::level()
|
||||
or
|
||||
exists(DataFlow::Node mid, PathSummary oldSummary, PathSummary newSummary |
|
||||
exists(DataFlow::Node mid, PathSummary oldSummary |
|
||||
reachableFromInput(f, invk, input, mid, cfg, oldSummary) and
|
||||
flowStep(mid, cfg, nd, newSummary) and
|
||||
summary = oldSummary.append(newSummary)
|
||||
appendStep(mid, cfg, oldSummary, nd, summary)
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if there is a step from `pred` to `succ` under `cfg` that can be appended
|
||||
* to a path represented by `oldSummary` yielding a path represented by `newSummary`.
|
||||
*/
|
||||
pragma[noinline]
|
||||
private predicate appendStep(
|
||||
DataFlow::Node pred, DataFlow::Configuration cfg, PathSummary oldSummary, DataFlow::Node succ,
|
||||
PathSummary newSummary
|
||||
) {
|
||||
exists(PathSummary stepSummary |
|
||||
flowStep(pred, cfg, succ, stepSummary) and
|
||||
newSummary = oldSummary.append(stepSummary)
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@@ -216,7 +216,7 @@ private newtype TTypeBackTracker = MkTypeBackTracker(boolean hasReturn) {
|
||||
* t.start() and
|
||||
* result = (< some API call >).getArgument(< n >).getALocalSource()
|
||||
* or
|
||||
* exists (DataFlow::TypeTracker t2 |
|
||||
* exists (DataFlow::TypeBackTracker t2 |
|
||||
* result = myCallback(t2).backtrack(t2, t)
|
||||
* )
|
||||
* }
|
||||
|
||||
@@ -16,7 +16,7 @@ module Electron {
|
||||
/**
|
||||
* An instantiation of `BrowserWindow` or `BrowserView`.
|
||||
*/
|
||||
abstract private class NewBrowserObject extends BrowserObject, DataFlow::TrackedNode {
|
||||
abstract private class NewBrowserObject extends BrowserObject, DataFlow::SourceNode {
|
||||
DataFlow::NewNode self;
|
||||
|
||||
NewBrowserObject() { this = self }
|
||||
@@ -250,10 +250,10 @@ module Electron {
|
||||
/**
|
||||
* An additional flow step via an Electron IPC message.
|
||||
*/
|
||||
private class IPCAdditionalFlowStep extends DataFlow::Configuration {
|
||||
IPCAdditionalFlowStep() { this instanceof DataFlow::Configuration }
|
||||
private class IPCAdditionalFlowStep extends DataFlow::AdditionalFlowStep {
|
||||
IPCAdditionalFlowStep() { ipcFlowStep(this, _) }
|
||||
|
||||
override predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
ipcFlowStep(pred, succ)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,11 +4,7 @@
|
||||
| electron.js:3:10:3:48 | new Bro ... s: {}}) |
|
||||
| electron.js:4:5:4:46 | bv |
|
||||
| electron.js:4:10:4:46 | new Bro ... s: {}}) |
|
||||
| electron.js:35:14:35:14 | x |
|
||||
| electron.js:36:12:36:12 | x |
|
||||
| electron.js:39:1:39:7 | foo(bw) |
|
||||
| electron.js:39:5:39:6 | bw |
|
||||
| electron.js:40:1:40:7 | foo(bv) |
|
||||
| electron.js:40:5:40:6 | bv |
|
||||
| electron.ts:3:12:3:13 | bw |
|
||||
| electron.ts:3:40:3:41 | bv |
|
||||
|
||||
@@ -1,9 +1,5 @@
|
||||
import javascript
|
||||
|
||||
class TestConfig extends DataFlow::Configuration {
|
||||
TestConfig() { this = "TestConfig" }
|
||||
}
|
||||
|
||||
from TestConfig cfg, DataFlow::Node pred, DataFlow::Node succ
|
||||
where cfg.isAdditionalFlowStep(pred, succ)
|
||||
from DataFlow::AdditionalFlowStep afs, DataFlow::Node pred, DataFlow::Node succ
|
||||
where afs.step(pred, succ)
|
||||
select pred, succ
|
||||
|
||||
@@ -1,4 +1,2 @@
|
||||
| electron.js:39:1:39:19 | foo(bw).webContents |
|
||||
| electron.js:40:1:40:19 | foo(bv).webContents |
|
||||
| electron.ts:4:3:4:16 | bw.webContents |
|
||||
| electron.ts:5:3:5:16 | bv.webContents |
|
||||
|
||||
@@ -1,20 +1,11 @@
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | ClearTextStorage |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | CodeInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | CommandInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | ConditionalBypass |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | DomBasedXss |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | FileAccessToHttp |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | InsecureRandomness |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | InsufficientPasswordHash |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | NosqlInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | ReflectedXss |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | RegExpInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | RemotePropertyInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | RequestForgery |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | SqlInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | StackTraceExposure |
|
||||
@@ -25,23 +16,14 @@
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | XmlBomb |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | XpathInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | data | (return (member h (root https://www.npmjs.com/package/infer-sources))) | data | Xxe |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | ClearTextStorage |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | CodeInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | CommandInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | ConditionalBypass |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | DomBasedXss |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | FileAccessToHttp |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | InsecureRandomness |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | InsufficientPasswordHash |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | NosqlInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | ReflectedXss |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | RegExpInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | RemotePropertyInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | RequestForgery |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | SqlInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | StackTraceExposure |
|
||||
@@ -52,23 +34,14 @@
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | XmlBomb |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | XpathInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | Xxe |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | ClearTextStorage |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | CodeInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | CommandInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | ConditionalBypass |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | DomBasedXss |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | FileAccessToHttp |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | InsecureRandomness |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | InsufficientPasswordHash |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | NosqlInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | ReflectedXss |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | RegExpInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | RemotePropertyInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | RequestForgery |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | SqlInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | StackTraceExposure |
|
||||
@@ -79,23 +52,14 @@
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | XmlBomb |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | XpathInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | Xxe |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | ClearTextStorage |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | CodeInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | CommandInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | ConditionalBypass |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | DomBasedXss |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | FileAccessToHttp |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | InsecureRandomness |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | InsufficientPasswordHash |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | NosqlInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | ReflectedXss |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | RegExpInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | RemotePropertyInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | RequestForgery |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | SqlInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | StackTraceExposure |
|
||||
@@ -106,23 +70,14 @@
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | XmlBomb |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | XpathInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | Xxe |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ClearTextStorage |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | CodeInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | CommandInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ConditionalBypass |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | DomBasedXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | FileAccessToHttp |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | InsecureRandomness |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | InsufficientPasswordHash |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | NosqlInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ReflectedXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | RegExpInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | RemotePropertyInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | RequestForgery |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | SqlInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | StackTraceExposure |
|
||||
@@ -133,23 +88,14 @@
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | XmlBomb |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | XpathInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | Xxe |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ClearTextStorage |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | CodeInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | CommandInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ConditionalBypass |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | DomBasedXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | FileAccessToHttp |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | InsecureRandomness |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | InsufficientPasswordHash |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | NosqlInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ReflectedXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | RegExpInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | RemotePropertyInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | RequestForgery |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | SqlInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | StackTraceExposure |
|
||||
|
||||
@@ -5,9 +5,7 @@
|
||||
| (parameter 0 (member commandInjection (root https://www.npmjs.com/package/infer-sources))) | data | CommandInjection |
|
||||
| (parameter 0 (member commandInjection (root https://www.npmjs.com/package/infer-sources))) | taint | CommandInjection |
|
||||
| (parameter 0 (member hashPass (root https://www.npmjs.com/package/infer-sources))) | data | CodeInjection |
|
||||
| (parameter 0 (member hashPass (root https://www.npmjs.com/package/infer-sources))) | data | InsufficientPasswordHash |
|
||||
| (parameter 0 (member hashPass (root https://www.npmjs.com/package/infer-sources))) | taint | CodeInjection |
|
||||
| (parameter 0 (member hashPass (root https://www.npmjs.com/package/infer-sources))) | taint | InsufficientPasswordHash |
|
||||
| (parameter 0 (member mkdirp (root https://www.npmjs.com/package/infer-sources))) | taint | TaintedPath |
|
||||
| (parameter 0 (member multiple (root https://www.npmjs.com/package/infer-sources))) | data | CodeInjection |
|
||||
| (parameter 0 (member multiple (root https://www.npmjs.com/package/infer-sources))) | data | CommandInjection |
|
||||
@@ -15,10 +13,8 @@
|
||||
| (parameter 0 (member multiple (root https://www.npmjs.com/package/infer-sources))) | taint | CommandInjection |
|
||||
| (parameter 0 (member redirect (root https://www.npmjs.com/package/infer-sources))) | data | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member redirect (root https://www.npmjs.com/package/infer-sources))) | taint | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member reflected (root https://www.npmjs.com/package/infer-sources))) | data | InsecureRandomness |
|
||||
| (parameter 0 (member reflected (root https://www.npmjs.com/package/infer-sources))) | data | ReflectedXss |
|
||||
| (parameter 0 (member reflected (root https://www.npmjs.com/package/infer-sources))) | data | StoredXss |
|
||||
| (parameter 0 (member reflected (root https://www.npmjs.com/package/infer-sources))) | taint | InsecureRandomness |
|
||||
| (parameter 0 (member reflected (root https://www.npmjs.com/package/infer-sources))) | taint | ReflectedXss |
|
||||
| (parameter 0 (member reflected (root https://www.npmjs.com/package/infer-sources))) | taint | StoredXss |
|
||||
| (parameter 0 (member regexpInj (root https://www.npmjs.com/package/infer-sources))) | data | RegExpInjection |
|
||||
@@ -33,9 +29,7 @@
|
||||
| (parameter 0 (member xmlBomb (root https://www.npmjs.com/package/infer-sources))) | data | Xxe |
|
||||
| (parameter 0 (member xmlBomb (root https://www.npmjs.com/package/infer-sources))) | taint | XmlBomb |
|
||||
| (parameter 0 (member xmlBomb (root https://www.npmjs.com/package/infer-sources))) | taint | Xxe |
|
||||
| (parameter 0 (member xpathInj (root https://www.npmjs.com/package/infer-sources))) | data | InsecureRandomness |
|
||||
| (parameter 0 (member xpathInj (root https://www.npmjs.com/package/infer-sources))) | data | XpathInjection |
|
||||
| (parameter 0 (member xpathInj (root https://www.npmjs.com/package/infer-sources))) | taint | InsecureRandomness |
|
||||
| (parameter 0 (member xpathInj (root https://www.npmjs.com/package/infer-sources))) | taint | XpathInjection |
|
||||
| (parameter 0 (member xxe (root https://www.npmjs.com/package/infer-sources))) | data | XmlBomb |
|
||||
| (parameter 0 (member xxe (root https://www.npmjs.com/package/infer-sources))) | taint | XmlBomb |
|
||||
|
||||
@@ -1,15 +1,11 @@
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | ClientSideUrlRedirect |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | CodeInjection |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | CommandInjection |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | ConditionalBypass |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | DomBasedXss |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | NosqlInjection |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | ReflectedXss |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | RegExpInjection |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | RemotePropertyInjection |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | RequestForgery |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | ServerSideUrlRedirect |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | SqlInjection |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | TaintedFormatString |
|
||||
|
||||
Reference in New Issue
Block a user