PY: add missing security tags on Python queries

2025-12-24 04:36:35 +01:00 · 2022-08-29 12:53:49 +02:00
parent 68bf9f39b9
commit 4353937bcf
3 changed files with 3 additions and 0 deletions
--- a/python/ql/src/Security/CWE-730/PolynomialReDoS.ql
+++ b/python/ql/src/Security/CWE-730/PolynomialReDoS.ql
@@ -4,6 +4,7 @@
 *              to match may be vulnerable to denial-of-service attacks.
 * @kind path-problem
 * @problem.severity warning
+ * @security-severity 7.5
 * @precision high
 * @id py/polynomial-redos
 * @tags security
--- a/python/ql/src/Security/CWE-730/ReDoS.ql
+++ b/python/ql/src/Security/CWE-730/ReDoS.ql
@@ -5,6 +5,7 @@
 *              attacks.
 * @kind problem
 * @problem.severity error
+ * @security-severity 7.5
 * @precision high
 * @id py/redos
 * @tags security
--- a/python/ql/src/Security/CWE-730/RegexInjection.ql
+++ b/python/ql/src/Security/CWE-730/RegexInjection.ql
@@ -5,6 +5,7 @@
 *              exponential time on certain inputs.
 * @kind path-problem
 * @problem.severity error
+ * @security-severity 7.5
 * @precision high
 * @id py/regex-injection
 * @tags security