taint-config.taint-sensitive-data.txt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of findsecbugs-plugin Show documentation
Show all versions of findsecbugs-plugin Show documentation
Core module of the project. It include all the SpotBugs detectors.
The resulting jar is the published plugin.
The newest version!
- Sensitive data can be obtained if these get tainted
- Java Lang
java/lang/System.getenv(Ljava/lang/String;)Ljava/lang/String;:0|+SENSITIVE_DATA
java/lang/System.getProperty(Ljava/lang/String;)Ljava/lang/String;:0|+SENSITIVE_DATA
java/lang/System.getProperty(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;:1|+SENSITIVE_DATA
- Scala Play
com/typesafe/config/Config.getString(Ljava/lang/String;)Ljava/lang/String;:0|+SENSITIVE_DATA
play/api/Configuration.getString(Ljava/lang/String;Lscala/Option;)Lscala/Option;:1|+SENSITIVE_DATA