How to use CodeQL to find EL injections and fix them

Recently I wrote a post about detecting JEXL injections with CodeQL. JEXL is a library that provides an interpreter for a simple expression language (EL). This time, I’ll talk about injections with Jakarta Expression Language, and how they can be found with CodeQL.

What is Jakarta Expression Language?

Among other things, Jakarta EE contains a…

I boarded the train. Embarrassing to admit, a compartment car. Lately I have been treating myself more often. The price is pleasing too, since it is the same as for the open-plan car I rode the day before yesterday. That one was probably a premium train, and this one some ordinary second-rate passenger train. The car is ancient, too. Or, as someone might put it,…

How to make sure that CVE-2016-1000027 does not affect your application

In this blog post, I’ll talk about detecting unsafe Spring Exporters with a CodeQL query. First, I’ll describe the issue that received CVE-2016-1000027. Next, I’ll show what vulnerable code looks like and how the issue can be mitigated in an application. Then, I’ll describe how the CodeQL query works…

How to detect JEXL injections with CodeQL

In this article, I’ll discuss a CodeQL query for detecting JEXL Expression Language injection vulnerabilities.

First, I’ll give a brief overview of expression languages in general and JEXL in particular. I’ll also explain what Expression Language injection is and how to prevent it. Then, I’ll describe how the CodeQL query…

Artem Smotrakov

I write about Java, security, electronics and DIY
