From 53cb30dcd00a7f7a1d32f2694781ecc598b8a9af Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Mon, 24 Feb 2025 15:48:28 -0500 Subject: [PATCH] Java: update metadata, move from CWE-016 to CWE-200 --- .../CWE/{CWE-016 => CWE-200}/SpringBootActuators.java | 0 .../CWE/{CWE-016 => CWE-200}/SpringBootActuators.qhelp | 0 .../Security/CWE/{CWE-016 => CWE-200}/SpringBootActuators.ql | 4 ++-- .../SpringBootActuators}/SpringBootActuatorsTest.expected | 0 .../tests/SpringBootActuators}/SpringBootActuatorsTest.java | 0 .../tests/SpringBootActuators}/SpringBootActuatorsTest.ql | 0 .../semmle/tests/SpringBootActuators}/options | 2 +- 7 files changed, 3 insertions(+), 3 deletions(-) rename java/ql/src/Security/CWE/{CWE-016 => CWE-200}/SpringBootActuators.java (100%) rename java/ql/src/Security/CWE/{CWE-016 => CWE-200}/SpringBootActuators.qhelp (100%) rename java/ql/src/Security/CWE/{CWE-016 => CWE-200}/SpringBootActuators.ql (91%) rename java/ql/test/query-tests/security/{CWE-016 => CWE-200/semmle/tests/SpringBootActuators}/SpringBootActuatorsTest.expected (100%) rename java/ql/test/query-tests/security/{CWE-016 => CWE-200/semmle/tests/SpringBootActuators}/SpringBootActuatorsTest.java (100%) rename java/ql/test/query-tests/security/{CWE-016 => CWE-200/semmle/tests/SpringBootActuators}/SpringBootActuatorsTest.ql (100%) rename java/ql/test/query-tests/security/{CWE-016 => CWE-200/semmle/tests/SpringBootActuators}/options (62%) diff --git a/java/ql/src/Security/CWE/CWE-016/SpringBootActuators.java b/java/ql/src/Security/CWE/CWE-200/SpringBootActuators.java similarity index 100% rename from java/ql/src/Security/CWE/CWE-016/SpringBootActuators.java rename to java/ql/src/Security/CWE/CWE-200/SpringBootActuators.java diff --git a/java/ql/src/Security/CWE/CWE-016/SpringBootActuators.qhelp b/java/ql/src/Security/CWE/CWE-200/SpringBootActuators.qhelp similarity index 100% rename from java/ql/src/Security/CWE/CWE-016/SpringBootActuators.qhelp rename to java/ql/src/Security/CWE/CWE-200/SpringBootActuators.qhelp diff --git a/java/ql/src/Security/CWE/CWE-016/SpringBootActuators.ql b/java/ql/src/Security/CWE/CWE-200/SpringBootActuators.ql similarity index 91% rename from java/ql/src/Security/CWE/CWE-016/SpringBootActuators.ql rename to java/ql/src/Security/CWE/CWE-200/SpringBootActuators.ql index bac0a72e144..97d9b506f78 100644 --- a/java/ql/src/Security/CWE/CWE-016/SpringBootActuators.ql +++ b/java/ql/src/Security/CWE/CWE-200/SpringBootActuators.ql @@ -4,11 +4,11 @@ * or even to remote code execution. * @kind problem * @problem.severity error + * @security-severity 6.5 * @precision high * @id java/spring-boot-exposed-actuators * @tags security - * experimental - * external/cwe/cwe-16 + * external/cwe/cwe-200 */ import java diff --git a/java/ql/test/query-tests/security/CWE-016/SpringBootActuatorsTest.expected b/java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuators/SpringBootActuatorsTest.expected similarity index 100% rename from java/ql/test/query-tests/security/CWE-016/SpringBootActuatorsTest.expected rename to java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuators/SpringBootActuatorsTest.expected diff --git a/java/ql/test/query-tests/security/CWE-016/SpringBootActuatorsTest.java b/java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuators/SpringBootActuatorsTest.java similarity index 100% rename from java/ql/test/query-tests/security/CWE-016/SpringBootActuatorsTest.java rename to java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuators/SpringBootActuatorsTest.java diff --git a/java/ql/test/query-tests/security/CWE-016/SpringBootActuatorsTest.ql b/java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuators/SpringBootActuatorsTest.ql similarity index 100% rename from java/ql/test/query-tests/security/CWE-016/SpringBootActuatorsTest.ql rename to java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuators/SpringBootActuatorsTest.ql diff --git a/java/ql/test/query-tests/security/CWE-016/options b/java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuators/options similarity index 62% rename from java/ql/test/query-tests/security/CWE-016/options rename to java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuators/options index 38d1d754b69..161a6ddf23d 100644 --- a/java/ql/test/query-tests/security/CWE-016/options +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuators/options @@ -1 +1 @@ -//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/springframework-5.3.8 +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../../../stubs/springframework-5.3.8