cwe-90-ldap-injection
OfficialSecure Java LDAP queries from injection.
AuthorDevelopersCoffee
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill addresses and remediates CWE-90 (LDAP Injection) vulnerabilities in Java applications, preventing unauthorized access and manipulation of directory services.
Core Features & Use Cases
- Vulnerability Identification: Detects patterns where user input is directly concatenated into LDAP filters.
- Secure Code Generation: Provides deterministic, parameterized code to safely construct LDAP queries.
- Use Case: When a SAST tool flags a Java method for potential LDAP injection due to unsanitized user input in an LDAP filter, this skill can be used to automatically rewrite the vulnerable code to use parameterized queries and proper escaping.
Quick Start
Use the cwe-90-ldap-injection skill to remediate the LDAP injection vulnerability in the provided Java code snippet.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: cwe-90-ldap-injection Download link: https://github.com/DevelopersCoffee/java-cwe-security-skills/archive/main.zip#cwe-90-ldap-injection Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.