Merge pull request #16808 from JLLeitschuh/patch-8

Align Java CommandInjectionRuntimeExec.ql Severity
2025-12-17 01:03:14 +01:00 · 2024-08-16 15:14:48 +02:00
parent f7d8c210e5 472cca9221
commit 3a9610795b
1 changed files with 1 additions and 1 deletions
--- a/java/ql/src/experimental/Security/CWE/CWE-078/CommandInjectionRuntimeExec.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-078/CommandInjectionRuntimeExec.ql
@@ -3,7 +3,7 @@
 * @description High sensitvity and precision version of java/command-line-injection, designed to find more cases of command injection in rare cases that the default query does not find
 * @kind path-problem
 * @problem.severity error
- * @security-severity 6.1
+ * @security-severity 9.8
 * @precision high
 * @id java/command-line-injection-extra
 * @tags security