diff --git a/ql/src/Security/CWE-020/IncompleteHostnameRegexp.ql b/ql/src/Security/CWE-020/IncompleteHostnameRegexp.ql index 802f2cb61d5..ef0ec60d871 100644 --- a/ql/src/Security/CWE-020/IncompleteHostnameRegexp.ql +++ b/ql/src/Security/CWE-020/IncompleteHostnameRegexp.ql @@ -4,6 +4,7 @@ * dot as part of the hostname might match more hostnames than expected. * @kind path-problem * @problem.severity warning + * @security-severity 7.8 * @precision high * @id go/incomplete-hostname-regexp * @tags correctness diff --git a/ql/src/Security/CWE-020/IncompleteUrlSchemeCheck.ql b/ql/src/Security/CWE-020/IncompleteUrlSchemeCheck.ql index e1227b76d6b..99513825892 100644 --- a/ql/src/Security/CWE-020/IncompleteUrlSchemeCheck.ql +++ b/ql/src/Security/CWE-020/IncompleteUrlSchemeCheck.ql @@ -4,6 +4,7 @@ * and "data:" suggests a logic error or even a security vulnerability. * @kind problem * @problem.severity warning + * @security-severity 7.8 * @precision high * @id go/incomplete-url-scheme-check * @tags security diff --git a/ql/src/Security/CWE-020/MissingRegexpAnchor.ql b/ql/src/Security/CWE-020/MissingRegexpAnchor.ql index 402259d22e6..2114038f786 100644 --- a/ql/src/Security/CWE-020/MissingRegexpAnchor.ql +++ b/ql/src/Security/CWE-020/MissingRegexpAnchor.ql @@ -3,6 +3,7 @@ * @description Regular expressions without anchors can be vulnerable to bypassing. * @kind problem * @problem.severity warning + * @security-severity 7.8 * @precision high * @id go/regex/missing-regexp-anchor * @tags correctness diff --git a/ql/src/Security/CWE-020/SuspiciousCharacterInRegexp.ql b/ql/src/Security/CWE-020/SuspiciousCharacterInRegexp.ql index 72afa79b758..6dbdaf640d4 100644 --- a/ql/src/Security/CWE-020/SuspiciousCharacterInRegexp.ql +++ b/ql/src/Security/CWE-020/SuspiciousCharacterInRegexp.ql @@ -3,6 +3,7 @@ * @description If a literal bell character or backspace appears in a regular expression, the start of text or word boundary may have been intended. * @kind path-problem * @problem.severity warning + * @security-severity 7.8 * @precision high * @id go/suspicious-character-in-regex * @tags correctness diff --git a/ql/src/Security/CWE-020/UntrustedDataToExternalAPI.ql b/ql/src/Security/CWE-020/UntrustedDataToExternalAPI.ql index c0341893fcb..6b4f7b87aa0 100644 --- a/ql/src/Security/CWE-020/UntrustedDataToExternalAPI.ql +++ b/ql/src/Security/CWE-020/UntrustedDataToExternalAPI.ql @@ -5,6 +5,7 @@ * @kind path-problem * @precision low * @problem.severity error + * @security-severity 7.8 * @tags security external/cwe/cwe-20 */ diff --git a/ql/src/Security/CWE-020/UntrustedDataToUnknownExternalAPI.ql b/ql/src/Security/CWE-020/UntrustedDataToUnknownExternalAPI.ql index 264c92d4a30..00cfe7f3b26 100644 --- a/ql/src/Security/CWE-020/UntrustedDataToUnknownExternalAPI.ql +++ b/ql/src/Security/CWE-020/UntrustedDataToUnknownExternalAPI.ql @@ -5,6 +5,7 @@ * @kind path-problem * @precision low * @problem.severity error + * @security-severity 7.8 * @tags security external/cwe/cwe-20 */ diff --git a/ql/src/Security/CWE-022/TaintedPath.ql b/ql/src/Security/CWE-022/TaintedPath.ql index 5504a674eff..36487970d44 100644 --- a/ql/src/Security/CWE-022/TaintedPath.ql +++ b/ql/src/Security/CWE-022/TaintedPath.ql @@ -4,6 +4,7 @@ * unexpected resources. * @kind path-problem * @problem.severity error + * @security-severity 7.5 * @precision high * @id go/path-injection * @tags security diff --git a/ql/src/Security/CWE-022/UnsafeUnzipSymlink.ql b/ql/src/Security/CWE-022/UnsafeUnzipSymlink.ql index 7f85a05154d..a905149c149 100644 --- a/ql/src/Security/CWE-022/UnsafeUnzipSymlink.ql +++ b/ql/src/Security/CWE-022/UnsafeUnzipSymlink.ql @@ -8,6 +8,7 @@ * @kind path-problem * @id go/unsafe-unzip-symlink * @problem.severity error + * @security-severity 7.5 * @precision high * @tags security * external/cwe/cwe-022 diff --git a/ql/src/Security/CWE-022/ZipSlip.ql b/ql/src/Security/CWE-022/ZipSlip.ql index 3e087f941cb..ceec7dc57e3 100644 --- a/ql/src/Security/CWE-022/ZipSlip.ql +++ b/ql/src/Security/CWE-022/ZipSlip.ql @@ -6,6 +6,7 @@ * @kind path-problem * @id go/zipslip * @problem.severity error + * @security-severity 7.5 * @precision high * @tags security * external/cwe/cwe-022 diff --git a/ql/src/Security/CWE-078/CommandInjection.ql b/ql/src/Security/CWE-078/CommandInjection.ql index d594cdcf4fa..844d17bd0ac 100644 --- a/ql/src/Security/CWE-078/CommandInjection.ql +++ b/ql/src/Security/CWE-078/CommandInjection.ql @@ -4,6 +4,7 @@ * malicious code by the user. * @kind path-problem * @problem.severity error + * @security-severity 9.8 * @precision high * @id go/command-injection * @tags security diff --git a/ql/src/Security/CWE-078/StoredCommand.ql b/ql/src/Security/CWE-078/StoredCommand.ql index 16430d8f501..605a9fe3ea6 100644 --- a/ql/src/Security/CWE-078/StoredCommand.ql +++ b/ql/src/Security/CWE-078/StoredCommand.ql @@ -4,6 +4,7 @@ * can lead to execution of malicious code by the user. * @kind path-problem * @problem.severity error + * @security-severity 9.8 * @precision low * @id go/stored-command * @tags security diff --git a/ql/src/Security/CWE-079/ReflectedXss.ql b/ql/src/Security/CWE-079/ReflectedXss.ql index bbedd60a5fe..0c33026dada 100644 --- a/ql/src/Security/CWE-079/ReflectedXss.ql +++ b/ql/src/Security/CWE-079/ReflectedXss.ql @@ -4,6 +4,7 @@ * a cross-site scripting vulnerability. * @kind path-problem * @problem.severity error + * @security-severity 6.1 * @precision high * @id go/reflected-xss * @tags security diff --git a/ql/src/Security/CWE-079/StoredXss.ql b/ql/src/Security/CWE-079/StoredXss.ql index 3936ae2f323..2649234515b 100644 --- a/ql/src/Security/CWE-079/StoredXss.ql +++ b/ql/src/Security/CWE-079/StoredXss.ql @@ -4,6 +4,7 @@ * a stored cross-site scripting vulnerability. * @kind path-problem * @problem.severity error + * @security-severity 6.1 * @precision low * @id go/stored-xss * @tags security diff --git a/ql/src/Security/CWE-089/SqlInjection.ql b/ql/src/Security/CWE-089/SqlInjection.ql index d0af6ec767a..c228787a1f3 100644 --- a/ql/src/Security/CWE-089/SqlInjection.ql +++ b/ql/src/Security/CWE-089/SqlInjection.ql @@ -4,6 +4,7 @@ * malicious code by the user. * @kind path-problem * @problem.severity error + * @security-severity 8.8 * @precision high * @id go/sql-injection * @tags security diff --git a/ql/src/Security/CWE-089/StringBreak.ql b/ql/src/Security/CWE-089/StringBreak.ql index 51dc8e292d8..bfd40e91f18 100644 --- a/ql/src/Security/CWE-089/StringBreak.ql +++ b/ql/src/Security/CWE-089/StringBreak.ql @@ -5,6 +5,7 @@ * the overall string. * @kind path-problem * @problem.severity warning + * @security-severity 9.3 * @precision high * @id go/unsafe-quoting * @tags correctness diff --git a/ql/src/Security/CWE-190/AllocationSizeOverflow.ql b/ql/src/Security/CWE-190/AllocationSizeOverflow.ql index e6d2ec0a5cc..fcbfb4dfd22 100644 --- a/ql/src/Security/CWE-190/AllocationSizeOverflow.ql +++ b/ql/src/Security/CWE-190/AllocationSizeOverflow.ql @@ -4,6 +4,7 @@ * the result may overflow and cause a runtime panic. * @kind path-problem * @problem.severity warning + * @security-severity 8.1 * @precision high * @id go/allocation-size-overflow * @tags security diff --git a/ql/src/Security/CWE-209/StackTraceExposure.ql b/ql/src/Security/CWE-209/StackTraceExposure.ql index c8f4c4b45a6..f908bf5581a 100644 --- a/ql/src/Security/CWE-209/StackTraceExposure.ql +++ b/ql/src/Security/CWE-209/StackTraceExposure.ql @@ -5,6 +5,7 @@ * that are useful to an attacker for developing a subsequent exploit. * @kind path-problem * @problem.severity error + * @security-severity 5.4 * @precision high * @id go/stack-trace-exposure * @tags security diff --git a/ql/src/Security/CWE-295/DisabledCertificateCheck.ql b/ql/src/Security/CWE-295/DisabledCertificateCheck.ql index 069dd212c78..c27c3bd9dc2 100644 --- a/ql/src/Security/CWE-295/DisabledCertificateCheck.ql +++ b/ql/src/Security/CWE-295/DisabledCertificateCheck.ql @@ -4,6 +4,7 @@ * man-in-the-middle attacks. * @kind problem * @problem.severity warning + * @security-severity 7.5 * @precision high * @id go/disabled-certificate-check * @tags security diff --git a/ql/src/Security/CWE-312/CleartextLogging.ql b/ql/src/Security/CWE-312/CleartextLogging.ql index 62305984365..57412739984 100644 --- a/ql/src/Security/CWE-312/CleartextLogging.ql +++ b/ql/src/Security/CWE-312/CleartextLogging.ql @@ -4,6 +4,7 @@ * expose it to an attacker. * @kind path-problem * @problem.severity error + * @security-severity 7.5 * @precision high * @id go/clear-text-logging * @tags security diff --git a/ql/src/Security/CWE-327/InsecureTLS.ql b/ql/src/Security/CWE-327/InsecureTLS.ql index 8de44428f92..3f6c5378332 100644 --- a/ql/src/Security/CWE-327/InsecureTLS.ql +++ b/ql/src/Security/CWE-327/InsecureTLS.ql @@ -4,6 +4,7 @@ * machine-in-the-middle and other attacks. * @kind path-problem * @problem.severity warning + * @security-severity 7.5 * @precision very-high * @id go/insecure-tls * @tags security diff --git a/ql/src/Security/CWE-338/InsecureRandomness.ql b/ql/src/Security/CWE-338/InsecureRandomness.ql index c2cf8b69d92..e843116b12a 100644 --- a/ql/src/Security/CWE-338/InsecureRandomness.ql +++ b/ql/src/Security/CWE-338/InsecureRandomness.ql @@ -3,6 +3,7 @@ * @description Using insufficient randomness as the key of a cryptographic algorithm can allow an attacker to compromise security. * @kind path-problem * @problem.severity error + * @security-severity 7.8 * @precision high * @id go/insecure-randomness * @tags security diff --git a/ql/src/Security/CWE-352/ConstantOauth2State.ql b/ql/src/Security/CWE-352/ConstantOauth2State.ql index 5ae80cdfc74..2f3b77af07e 100644 --- a/ql/src/Security/CWE-352/ConstantOauth2State.ql +++ b/ql/src/Security/CWE-352/ConstantOauth2State.ql @@ -4,6 +4,7 @@ * susceptible to CSRF attacks. * @kind path-problem * @problem.severity error + * @security-severity 8.8 * @precision high * @id go/constant-oauth2-state * @tags security diff --git a/ql/src/Security/CWE-601/BadRedirectCheck.ql b/ql/src/Security/CWE-601/BadRedirectCheck.ql index 168326cb30e..a35d78519bb 100644 --- a/ql/src/Security/CWE-601/BadRedirectCheck.ql +++ b/ql/src/Security/CWE-601/BadRedirectCheck.ql @@ -5,6 +5,7 @@ * incomplete. * @kind path-problem * @problem.severity error + * @security-severity 6.1 * @id go/bad-redirect-check * @tags security * external/cwe/cwe-601 diff --git a/ql/src/Security/CWE-601/OpenUrlRedirect.ql b/ql/src/Security/CWE-601/OpenUrlRedirect.ql index befba5a8c75..efadce04a6c 100644 --- a/ql/src/Security/CWE-601/OpenUrlRedirect.ql +++ b/ql/src/Security/CWE-601/OpenUrlRedirect.ql @@ -4,6 +4,7 @@ * may cause redirection to malicious web sites. * @kind path-problem * @problem.severity warning + * @security-severity 6.1 * @id go/unvalidated-url-redirection * @tags security * external/cwe/cwe-601 diff --git a/ql/src/Security/CWE-640/EmailInjection.ql b/ql/src/Security/CWE-640/EmailInjection.ql index 1ae4d751342..74dee8ba179 100644 --- a/ql/src/Security/CWE-640/EmailInjection.ql +++ b/ql/src/Security/CWE-640/EmailInjection.ql @@ -6,6 +6,7 @@ * @id go/email-injection * @kind path-problem * @problem.severity error + * @security-severity 9.8 * @tags security * external/cwe/cwe-640 * @precision high diff --git a/ql/src/Security/CWE-643/XPathInjection.ql b/ql/src/Security/CWE-643/XPathInjection.ql index ca6df0ff004..4028fa14a8c 100644 --- a/ql/src/Security/CWE-643/XPathInjection.ql +++ b/ql/src/Security/CWE-643/XPathInjection.ql @@ -4,6 +4,7 @@ * malicious code by the user. * @kind path-problem * @problem.severity error + * @security-severity 9.8 * @precision high * @id go/xml/xpath-injection * @tags security diff --git a/ql/src/Security/CWE-681/IncorrectIntegerConversion.ql b/ql/src/Security/CWE-681/IncorrectIntegerConversion.ql index 5e83d19b94a..0959c2e1105 100644 --- a/ql/src/Security/CWE-681/IncorrectIntegerConversion.ql +++ b/ql/src/Security/CWE-681/IncorrectIntegerConversion.ql @@ -5,6 +5,7 @@ * can produce unexpected values. * @kind path-problem * @problem.severity warning + * @security-severity 8.1 * @id go/incorrect-integer-conversion * @tags security * external/cwe/cwe-190 diff --git a/ql/src/Security/CWE-798/HardcodedCredentials.ql b/ql/src/Security/CWE-798/HardcodedCredentials.ql index ca46b24ff80..8ccb6521d38 100644 --- a/ql/src/Security/CWE-798/HardcodedCredentials.ql +++ b/ql/src/Security/CWE-798/HardcodedCredentials.ql @@ -4,6 +4,7 @@ * to gain unauthorized access. * @kind problem * @problem.severity warning + * @security-severity 9.8 * @precision medium * @id go/hardcoded-credentials * @tags security diff --git a/ql/src/Security/CWE-918/RequestForgery.ql b/ql/src/Security/CWE-918/RequestForgery.ql index 4541a687804..6f1e9b5cbfc 100644 --- a/ql/src/Security/CWE-918/RequestForgery.ql +++ b/ql/src/Security/CWE-918/RequestForgery.ql @@ -3,6 +3,7 @@ * @description Sending network requests with user-controlled data allows for request forgery attacks. * @kind path-problem * @problem.severity error + * @security-severity 9.1 * @precision high * @id go/request-forgery * @tags security