Module HardcodedCredentials

Import path

Security.CWE.CWE-798.HardcodedCredentials

Imports

SensitiveApi
java

Provides all default Java QL imports.

Classes

CredentialsApiSink

An argument to a sensitive call of a known API, expected to contain username, password or cryptographic key credentials.

CredentialsSink

An argument to a sensitive call, expected to contain credentials.

CredentialsSourceSink

An argument to a call, where the parameter name corresponding to the argument indicates that it may contain credentials.

HardcodedExpr

An expression that is either a non-empty string literal or a hard-coded byte or char array.

PasswordVariable

A variable whose name indicates that it may hold a password.

UsernameVariable

A variable whose name indicates that it may hold a user name.