Update java/ql/src/Security/CWE/CWE-295/AndroidMissingCertificatePinning.ql

2025-12-21 19:26:31 +01:00 · 2022-12-19 12:10:32 +01:00
parent a880fecc8b
commit 484a16ce1b
1 changed files with 1 additions and 1 deletions
--- a/java/ql/src/Security/CWE/CWE-295/AndroidMissingCertificatePinning.ql
+++ b/java/ql/src/Security/CWE/CWE-295/AndroidMissingCertificatePinning.ql
@@ -3,7 +3,7 @@
 * @description Network connections that do not use certificate pinning may allow attackers to eavesdrop communications.
 * @kind problem
 * @problem.severity warning
- * @security-severity 7.5
+ * @security-severity 5.9
 * @precision medium
 * @id java/android/missing-certificate-pinning
 * @tags security