hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-30 11:01:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
d60d8837cd8a95ab380693590eecd3cd91bd7d67
codeql/java/ql/lib/ext/generated_models_positive.model.yml
Taus d60d8837cd Java: Add generated models
2023-07-04 15:45:26 +02:00

195 lines
26 KiB
YAML
Raw Blame History

extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["java.sql", "Statement", True, "execute", "(String)", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["jakarta.persistence", "EntityManager", True, "find", "(Class,Object)", "", "Argument[1]", "sql-injection", "ai-generated"]
- ["org.hibernate.query", "Query", True, "executeUpdate", "()", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["jakarta.persistence", "EntityManager", True, "createQuery", "(String)", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["jakarta.persistence", "EntityManager", True, "createQuery", "(CriteriaUpdate)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["jakarta.persistence", "EntityManager", True, "createQuery", "(CriteriaQuery)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["java.sql", "ResultSet", True, "getString", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["java.util.function", "Function", True, "apply", "(URL)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.sql", "Connection", True, "prepareStatement", "(String)", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["java.sql", "Connection", True, "prepareStatement", "(String,int)", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["jakarta.persistence", "TypedQuery", True, "setParameter", "(String,Object)", "", "Argument[1]", "sql-injection", "ai-generated"]
- ["java.sql", "PreparedStatement", True, "setString", "(int,String)", "", "Argument[1]", "sql-injection", "ai-generated"]
- ["jakarta.persistence", "Query", True, "executeUpdate", "()", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["org.hibernate.query", "Query", True, "setParameter", "(int,Object)", "", "Argument[1]", "sql-injection", "ai-generated"]
- ["java.sql", "PreparedStatement", True, "setObject", "(int,Object)", "", "Argument[1]", "sql-injection", "ai-generated"]
- ["java.lang", "Runtime", True, "addShutdownHook", "(Thread)", "", "Argument[0]", "command-injection", "ai-generated"]
- ["jakarta.persistence", "EntityManager", True, "remove", "(Object)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["java.lang", "Class", False, "getResourceAsStream", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["java.lang", "ClassLoader", True, "getResourceAsStream", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.lang", "Class", False, "getResourceAsStream", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.core", "MultivaluedMap", True, "getFirst", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.client", "Invocation$Builder", False, "header", "(String,Object)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.client", "Invocation$Builder", False, "header", "(String,Object)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.apache.dubbo.rpc.cluster.router.state", "StateRouter", True, "route", "(BitList,URL,Invocation,boolean,Holder)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["jakarta.persistence.criteria", "CriteriaBuilder", True, "function", "(String,Class,Expression[])", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["jakarta.ws.rs.client", "SyncInvoker", True, "get", "()", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["jakarta.persistence", "EntityManager", True, "createNativeQuery", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["jakarta.persistence", "EntityManager", True, "createNativeQuery", "(String)", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["jakarta.persistence", "EntityManager", True, "createNativeQuery", "(String,Class)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["com.alibaba.nacos.api.naming", "NamingService", True, "batchRegisterInstance", "(String,String,List)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.lang", "ClassLoader", True, "getResource", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["java.net", "Socket", True, "connect", "(SocketAddress,int)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.net", "InetSocketAddress", True, "InetSocketAddress", "(InetAddress,int)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.net", "Socket", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.sql", "Connection", True, "prepareCall", "(String)", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["java.lang", "Class", False, "getResource", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.core", "UriBuilder", True, "build", "(Object[])", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.client", "SyncInvoker", True, "post", "(Entity,Class)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.client", "SyncInvoker", True, "post", "(Entity)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.client", "SyncInvoker", True, "post", "(Entity)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["java.lang", "Class", False, "getResource", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.sql", "PreparedStatement", True, "setDate", "(int,Date)", "", "Argument[1]", "sql-injection", "ai-generated"]
- ["me.chanjar.weixin.common.util.http", "RequestExecutor", True, "execute", "(String,String,WxType)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["me.chanjar.weixin.common.util.http", "RequestExecutor", True, "execute", "(String,WxMpMaterial,WxType)", "", "Argument[2]", "request-forgery", "ai-generated"]
- ["org.apache.kafka.clients.consumer", "KafkaConsumer", True, "KafkaConsumer<byte[],byte[]>", "(Map)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.sql", "CallableStatement", True, "getObject", "(String,Class)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["javax.servlet.http", "HttpServletResponse", True, "setHeader", "(String,String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["javax.servlet.http", "HttpServletResponse", True, "setHeader", "(String,String)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["org.apache.http.message", "AbstractHttpMessage", True, "setHeader", "(String,String)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["java.net", "URLConnection", True, "getInputStream", "()", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.apache.dubbo.rpc.cluster.router", "MockInvoker", True, "MockInvoker<String>", "(URL,boolean)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.apache.dubbo.rpc.cluster.router", "MockInvoker", True, "MockInvoker<String>", "(URL)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.apache.dubbo.remoting.zookeeper", "AbstractZookeeperClient", True, "create", "(String,boolean,boolean)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["java.io", "File", True, "listFiles", "(FileFilter)", "", "Argument[this]", "path-injection", "ai-generated"]
- ["java.sql", "CallableStatement", True, "setCharacterStream", "(String,Reader,long)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["java.sql", "CallableStatement", True, "setObject", "(String,Object)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["jakarta.persistence", "EntityManager", True, "createNamedQuery", "(String)", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["jakarta.persistence.criteria", "CriteriaBuilder", True, "like", "(Expression,String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["jakarta.persistence.criteria", "CriteriaBuilder", True, "like", "(Expression,String)", "", "Argument[1]", "sql-injection", "ai-generated"]
- ["jakarta.ws.rs.core", "UriBuilder", True, "queryParam", "(String,Object[])", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.client", "Entity", False, "form", "(Form)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.io", "File", True, "listFiles", "(FilenameFilter)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["okhttp3.mockwebserver", "MockWebServer", False, "url", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.apache.http.client.methods", "HttpRequestBase", True, "setConfig", "(RequestConfig)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jodd.http", "ProxyInfo", True, "ProxyInfo", "(ProxyType,String,int,String,String)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["redis.clients.jedis", "JedisPool", True, "JedisPool", "(GenericObjectPoolConfig,String,int,int,String,int)", "", "Argument[4]", "command-injection", "ai-generated"]
- ["io.restassured.specification", "RequestSenderOptions", True, "get", "(String,Object[])", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["io.restassured.specification", "RequestSenderOptions", True, "get", "(String,Object[])", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.apache.curator.framework.api", "Pathable", True, "forPath", "(String)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["com.alibaba.druid.sql.repository", "SchemaRepository", True, "console", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["org.apache.dubbo.rpc.cluster.router.mesh.route", "StandardMeshRuleRouter", True, "StandardMeshRuleRouter<>", "(URL)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.apache.kafka.clients.producer", "KafkaProducer", True, "KafkaProducer<K,V>", "(Properties)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["apache.rocketmq.v2", "Address$Builder", False, "setHost", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.apache.hc.client5.http.impl.async", "CloseableHttpAsyncClient", False, "execute", "(SimpleHttpRequest,FutureCallback)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.lang", "Runtime", True, "exec", "(String[])", "", "Argument[this]", "command-injection", "ai-generated"]
- ["org.jboss.shrinkwrap.api.exporter", "StreamExporter", True, "exportTo", "(File,boolean)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["java.io", "BufferedWriter", True, "BufferedWriter", "(Writer)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["javax.cache.spi", "CachingProvider", True, "getCacheManager", "(URI,ClassLoader)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.keycloak.authorization.client.util", "HttpMethod", True, "param", "(String,String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.keycloak.authorization.client.util", "HttpMethod", True, "param", "(String,String)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["java.net", "URL", False, "getFile", "()", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.core", "UriInfo", True, "getBaseUriBuilder", "()", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.wildfly.extras.creaper.core.online", "OnlineManagementClient", True, "execute", "(String)", "", "Argument[this]", "command-injection", "ai-generated"]
- ["org.jboss.shrinkwrap.api", "Archive", True, "add", "(Asset,String)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["java.lang", "Runtime", True, "exec", "(String)", "", "Argument[this]", "command-injection", "ai-generated"]
- ["io.netty.util", "DomainNameMappingBuilder", False, "add", "(String,SslContext)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["com.alibaba.druid.pool", "DruidAbstractDataSource", True, "setUrl", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["com.alibaba.druid.sql", "SQLUtils", False, "parseStatements", "(String,String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["redis.clients.jedis", "JedisPool", True, "JedisPool", "(GenericObjectPoolConfig,String,int,int,String,int)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["okio", "Okio", False, "source", "(File)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["jodd.http", "HttpRequest", False, "post", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["me.chanjar.weixin.cp.bean", "WxCpAgentWorkBench$WxCpAgentWorkBenchBuilder", False, "url", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["me.chanjar.weixin.cp.bean.templatecard", "HorizontalContent$HorizontalContentBuilder", False, "url", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["me.chanjar.weixin.cp.tp.service.impl", "BaseWxCpTpServiceImpl", True, "post", "(String,String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["okhttp3", "Request$Builder", False, "get", "()", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["jodd.http", "HttpRequest", False, "get", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["okhttp3", "Request$Builder", False, "post", "(RequestBody)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["okhttp3", "RequestBody", False, "create", "(MediaType,String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.redisson", "Redisson", False, "create", "(Config)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jodd.http", "HttpConnectionProvider", True, "useProxy", "(ProxyInfo)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["io.grpc", "ManagedChannelBuilder", False, "forAddress", "(String,int)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["io.restassured.specification", "RequestSpecification", True, "header", "(String,Object,Object[])", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.springframework.web.reactive.function.server", "ServerResponse$HeadersBuilder", False, "build", "()", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["com.alibaba.csp.sentinel.datasource", "FileRefreshableDataSource", True, "FileRefreshableDataSource<List<SystemRule>>", "(String,Converter)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["com.ecwid.consul.v1", "ConsulClient", True, "ConsulClient", "(String,int)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["com.alibaba.csp.sentinel.datasource.redis", "RedisDataSource", True, "RedisDataSource<List<FlowRule>>", "(RedisConnectionConfig,String,String,Converter)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.apache.http.client.utils", "URIBuilder", True, "setPath", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.apache.http.client.utils", "URIBuilder", True, "setScheme", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.elasticsearch.client.support", "AbstractClient", True, "prepareUpdate", "(String,String,String)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["org.apache.hadoop.hbase.client", "HTable", True, "getScanner", "(Scan)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["org.apache.kudu.client", "KuduClient", True, "openTable", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["com.alicloud.openservices.tablestore", "DefaultTableStoreWriter", True, "DefaultTableStoreWriter", "(String,ServiceCredentials,String,String,WriterConfig,TableStoreCallback)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.apache.commons.io", "FileUtils", False, "listFiles", "(File,IOFileFilter,IOFileFilter)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["org.apache.commons.io", "FileUtils", False, "forceMkdir", "(File)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["org.apache.dubbo.config", "ReferenceConfigBase", True, "setUrl", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.springframework.context.support", "ClassPathXmlApplicationContext", True, "ClassPathXmlApplicationContext", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["com.alibaba.nacos.api", "NacosFactory", False, "createConfigService", "(Properties)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.io", "File", True, "renameTo", "(File)", "", "Argument[this]", "path-injection", "ai-generated"]
- ["org.apache.dubbo.rpc", "ServerService", True, "getInvoker", "(URL)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.net", "URLEncoder", False, "encode", "(String,String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.apache.commons.exec", "PumpStreamHandler", True, "PumpStreamHandler", "(OutputStream,OutputStream,InputStream)", "", "Argument[0]", "command-injection", "ai-generated"]
- ["org.rocksdb", "RocksDB", False, "open", "(DBOptions,String,List,List)", "", "Argument[2]", "path-injection", "ai-generated"]
- ["org.apache.kafka.streams.processor.api", "MockProcessorContext", True, "MockProcessorContext<Void,Void>", "(Properties,TaskId,File)", "", "Argument[2]", "path-injection", "ai-generated"]
- ["javax.management.remote", "JMXConnectorServerFactory", False, "newJMXConnectorServer", "(JMXServiceURL,Map,MBeanServer)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["java.net", "HttpURLConnection", True, "setRequestMethod", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.nio.file", "Paths", False, "get", "(String,String[])", "", "Argument[1]", "path-injection", "ai-generated"]
- ["org.apache.commons.io", "FileUtils", False, "deleteDirectory", "(File)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["java.sql", "DatabaseMetaData", True, "getExportedKeys", "(String,String,String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["java.sql", "DatabaseMetaData", True, "getPseudoColumns", "(String,String,String,String)", "", "Argument[2]", "sql-injection", "ai-generated"]
- ["org.eclipse.jetty.http", "HttpTester$Request", False, "setURI", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["java.io", "File", True, "mkdir", "()", "", "Argument[this]", "path-injection", "ai-generated"]
- ["java.io", "FilePermission", False, "FilePermission", "(String,String)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["org.h2.mvstore", "FileStore", True, "open", "(String,boolean)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["java.nio.file", "Files", False, "createTempFile", "(String,String,FileAttribute[])", "", "Argument[1]", "path-injection", "ai-generated"]
- ["java.sql", "DatabaseMetaData", True, "getProcedures", "(String,String,String)", "", "Argument[1]", "sql-injection", "ai-generated"]
- ["java.sql", "CallableStatement", True, "setBinaryStream", "(String,InputStream,long)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["org.postgresql.util", "PGobject", True, "setValue", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["org.postgresql.util", "PGobject", False, "setType", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["org.jboss.shrinkwrap.api.container", "ResourceContainer", True, "addAsResource", "(File,ArchivePath)", "", "Argument[1]", "path-injection", "ai-generated"]
- ["java.sql", "CallableStatement", True, "setString", "(String,String)", "", "Argument[1]", "sql-injection", "ai-generated"]
- ["org.gradle.process", "ExecSpec", True, "args", "(Object[])", "", "Argument[2]", "command-injection", "ai-generated"]
- ["org.gradle.process", "JavaExecSpec", True, "args", "(Object[])", "", "Argument[0]", "command-injection", "ai-generated"]
- ["org.gradle.api.file", "Directory", True, "getAsFile", "()", "", "Argument[this]", "path-injection", "ai-generated"]
- ["java.io", "File", True, "createNewFile", "()", "", "Argument[this]", "path-injection", "ai-generated"]
- ["org.gradle.api.tasks", "SourceTask", True, "source", "(Object[])", "", "Argument[0]", "path-injection", "ai-generated"]
- ["org.gradle.testkit.runner", "GradleRunner", True, "withProjectDir", "(File)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["javax.servlet", "ServletContext", True, "getResourceAsStream", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["javax.servlet.http", "HttpServletResponse", True, "sendRedirect", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["org.keycloak.saml", "BaseSAML2BindingBuilder", True, "relayState", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jakarta.servlet.http", "HttpServletResponse", True, "sendRedirect", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.nio.file", "Files", False, "getFileAttributeView", "(Path,Class,LinkOption[])", "", "Argument[0]", "path-injection", "ai-generated"]
- ["liquibase.statement.core", "UpdateStatement", True, "UpdateStatement", "(String,String,String)", "", "Argument[2]", "sql-injection", "ai-generated"]
- ["liquibase.database.jvm", "JdbcConnection", True, "prepareStatement", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["liquibase.executor", "Executor", True, "execute", "(SqlStatement)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["com.openshift.restclient", "ClientBuilder", True, "ClientBuilder", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["javax.naming.ldap", "InitialLdapContext", True, "InitialLdapContext", "(Hashtable,Control[])", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.lang", "Process", True, "destroy", "()", "", "Argument[this]", "command-injection", "ai-generated"]
- ["jakarta.ws.rs.core", "UriInfo", True, "getBaseUri", "()", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["jakarta.mail", "Part", True, "setHeader", "(String,String)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.core", "Response$ResponseBuilder", False, "location", "(URI)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jakarta.servlet", "ServletContext", True, "getResourceAsStream", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["jakarta.servlet", "ServletRequest", True, "getRequestDispatcher", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["io.undertow", "Undertow$Builder", False, "addHttpsListener", "(int,String,SSLContext)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["org.keycloak.saml", "BaseSAML2BindingBuilder", True, "redirectBinding", "(Document)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["java.net", "URI", False, "getAuthority", "()", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.jfree.chart", "ChartUtilities", False, "saveChartAsPNG", "(File,JFreeChart,int,int)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["java.net", "URL", False, "URL", "(String,String,int,String)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["org.jboss.resteasy.plugins.providers.multipart", "MultipartFormDataOutput", True, "addFormData", "(String,Object,MediaType)", "", "Argument[2]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.client", "WebTarget", True, "path", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.apache.http.impl.cookie", "BasicClientCookie", True, "BasicClientCookie", "(String,String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["jakarta.ws.rs.client", "Client", True, "target", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["org.apache.ibatis.jdbc", "AbstractSQL", True, "HAVING", "(String[])", "", "Argument[this]", "sql-injection", "ai-generated"]
- ["io.netty.resolver", "AddressResolver", True, "resolve", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["net.sf.jsqlparser.expression", "BinaryExpression", True, "setRightExpression", "(Expression)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["net.sf.jsqlparser.schema", "Column", True, "Column", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["net.sf.jsqlparser.parser", "CCJSqlParserUtil", False, "parse", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["org.apache.ibatis.io", "Resources", False, "getResourceAsReader", "(String)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["com.ecwid.consul.v1", "ConsulClient", True, "setKVValue", "(String,String,String,PutParams)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["com.alibaba.nacos.api.config", "ConfigService", True, "removeConfig", "(String,String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["io.etcd.jetcd", "ClientBuilder", False, "endpoints", "(String[])", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["com.weibo.api.motan.config", "AbstractServiceConfig", True, "setExport", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["com.alibaba.druid.pool", "DruidAbstractDataSource", True, "setValidationQuery", "(String)", "", "Argument[0]", "sql-injection", "ai-generated"]
- ["java.net", "Authenticator", False, "requestPasswordAuthentication", "(String,InetAddress,int,String,String,String,URL,RequestorType)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["java.net", "HttpCookie", False, "setDomain", "(String)", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["java.net", "Proxy", True, "Proxy", "(Type,SocketAddress)", "", "Argument[1]", "request-forgery", "ai-generated"]
- ["okio", "FileSystem", False, "createDirectories", "(Path)", "", "Argument[0]", "path-injection", "ai-generated"]
- ["java.security", "Provider", True, "configure", "(String)", "", "Argument[0]", "request-forgery", "ai-generated"]
- ["okhttp3", "HttpUrl", False, "newBuilder", "()", "", "Argument[this]", "request-forgery", "ai-generated"]
- ["javax.imageio", "ImageIO", False, "read", "(File)", "", "Argument[0]", "path-injection", "ai-generated"]
Reference in New Issue View Git Blame Copy Permalink