python: drop precision and add severity score

Given both the original FP score and our concerns regarding sanitizers, `@precision medium`, which is aligned with other languages, feels appropriate.
2025-12-20 10:46:30 +01:00 · 2022-02-01 10:34:36 +01:00
parent 7511b33512
commit 26befebfc2
1 changed files with 2 additions and 1 deletions
--- a/python/ql/src/Security/CWE-117/LogInjection.ql
+++ b/python/ql/src/Security/CWE-117/LogInjection.ql
@@ -4,7 +4,8 @@
 *              insertion of forged log entries by a malicious user.
 * @kind path-problem
 * @problem.severity error
- * @precision high
+ * @security-severity 7.8
+ * @precision medium
 * @id py/log-injection
 * @tags security
 *       external/cwe/cwe-117