Module Db

Import path

semmle.python.web.django.Db

Imports

Sql

Provides a class and predicates to track external data that may represent malicious SQL queries or parts of queries.

python

Predicates

Classes

DjangoDbCursor

A taint kind representing a Django cursor object.

DjangoDbCursorSource

A kind of taint source representing sources of Django cursor objects.

DjangoRawSqlSink

A taint sink on calls to django.db.models.expressions.RawSQL. RawSQL allows arbitrary SQL statements to be executed, which is a security risk.