mirror of
https://github.com/github/codeql.git
synced 2026-07-06 03:55:30 +02:00
Add severity scores
This commit is contained in:
@@ -5,6 +5,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/offset-use-before-range-check
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.1
|
||||
* @precision medium
|
||||
* @tags reliability
|
||||
* security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/descriptor-may-not-be-closed
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.8
|
||||
* @tags efficiency
|
||||
* security
|
||||
* external/cwe/cwe-775
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/descriptor-never-closed
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.8
|
||||
* @tags efficiency
|
||||
* security
|
||||
* external/cwe/cwe-775
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/file-may-not-be-closed
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.8
|
||||
* @tags efficiency
|
||||
* security
|
||||
* external/cwe/cwe-775
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/file-never-closed
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.8
|
||||
* @tags efficiency
|
||||
* security
|
||||
* external/cwe/cwe-775
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/inconsistent-nullness-testing
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.5
|
||||
* @tags reliability
|
||||
* security
|
||||
* external/cwe/cwe-476
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/memory-may-not-be-freed
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.5
|
||||
* @tags efficiency
|
||||
* security
|
||||
* external/cwe/cwe-401
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/memory-never-freed
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.5
|
||||
* @tags efficiency
|
||||
* security
|
||||
* external/cwe/cwe-401
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/missing-null-test
|
||||
* @problem.severity recommendation
|
||||
* @problem.security-severity 7.5
|
||||
* @tags reliability
|
||||
* security
|
||||
* external/cwe/cwe-476
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
* @description An object that was allocated with 'malloc' or 'new' is being freed using a mismatching 'free' or 'delete'.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.5
|
||||
* @precision high
|
||||
* @id cpp/new-free-mismatch
|
||||
* @tags reliability
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/overflow-calculated
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 9.8
|
||||
* @tags reliability
|
||||
* security
|
||||
* external/cwe/cwe-131
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/overflow-destination
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.8
|
||||
* @precision low
|
||||
* @tags reliability
|
||||
* security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* may result in a buffer overflow.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.8
|
||||
* @precision medium
|
||||
* @id cpp/static-buffer-overflow
|
||||
* @tags reliability
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* an instance of the type of the pointer may result in a buffer overflow
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.1
|
||||
* @precision medium
|
||||
* @id cpp/allocation-too-small
|
||||
* @tags reliability
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* multiple instances of the type of the pointer may result in a buffer overflow
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.1
|
||||
* @precision medium
|
||||
* @id cpp/suspicious-allocation-size
|
||||
* @tags reliability
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/use-after-free
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.8
|
||||
* @tags reliability
|
||||
* security
|
||||
* external/cwe/cwe-416
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* to a larger type.
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 8.1
|
||||
* @precision very-high
|
||||
* @id cpp/bad-addition-overflow-check
|
||||
* @tags reliability
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* be a sign that the result can overflow the type converted from.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.1
|
||||
* @precision high
|
||||
* @id cpp/integer-multiplication-cast-to-long
|
||||
* @tags reliability
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* use the width of the base type, leading to misaligned reads.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.8
|
||||
* @precision high
|
||||
* @tags correctness
|
||||
* reliability
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* from an untrusted source, this can be used for exploits.
|
||||
* @kind problem
|
||||
* @problem.severity recommendation
|
||||
* @problem.security-severity 9.8
|
||||
* @precision high
|
||||
* @id cpp/non-constant-format
|
||||
* @tags maintainability
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
* @description Using alloca in a loop can lead to a stack overflow
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.5
|
||||
* @precision high
|
||||
* @id cpp/alloca-in-loop
|
||||
* @tags reliability
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/improper-null-termination
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.8
|
||||
* @tags security
|
||||
* external/cwe/cwe-170
|
||||
* external/cwe/cwe-665
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* as the third argument may result in a buffer overflow.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.8
|
||||
* @precision medium
|
||||
* @id cpp/bad-strncpy-size
|
||||
* @tags reliability
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* as the third argument may result in a buffer overflow.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.8
|
||||
* @precision medium
|
||||
* @id cpp/unsafe-strncat
|
||||
* @tags reliability
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/uninitialized-local
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.8
|
||||
* @precision medium
|
||||
* @tags security
|
||||
* external/cwe/cwe-665
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* may result in a buffer overflow
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 9.8
|
||||
* @precision medium
|
||||
* @id cpp/unsafe-strcat
|
||||
* @tags reliability
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* @kind path-problem
|
||||
* @precision low
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 8.6
|
||||
* @tags security external/cwe/cwe-20
|
||||
*/
|
||||
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* @kind path-problem
|
||||
* @precision low
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 8.6
|
||||
* @tags security external/cwe/cwe-20
|
||||
*/
|
||||
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* attacker to access unexpected resources.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.8
|
||||
* @precision medium
|
||||
* @id cpp/path-injection
|
||||
* @tags security
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* to command injection.
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 9.8
|
||||
* @precision low
|
||||
* @id cpp/command-line-injection
|
||||
* @tags security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* allows for a cross-site scripting vulnerability.
|
||||
* @kind path-problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 6.1
|
||||
* @precision high
|
||||
* @id cpp/cgi-xss
|
||||
* @tags security
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* to SQL Injection.
|
||||
* @kind path-problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 9.8
|
||||
* @precision high
|
||||
* @id cpp/sql-injection
|
||||
* @tags security
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* commands.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.2
|
||||
* @precision medium
|
||||
* @id cpp/uncontrolled-process-operation
|
||||
* @tags security
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/overflow-buffer
|
||||
* @problem.severity recommendation
|
||||
* @problem.security-severity 8.8
|
||||
* @tags security
|
||||
* external/cwe/cwe-119
|
||||
* external/cwe/cwe-121
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* overflow.
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 9.1
|
||||
* @precision high
|
||||
* @id cpp/badly-bounded-write
|
||||
* @tags reliability
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* of data written may overflow.
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 9.1
|
||||
* @precision medium
|
||||
* @id cpp/overrunning-write
|
||||
* @tags reliability
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* take extreme values.
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 9.1
|
||||
* @precision medium
|
||||
* @id cpp/overrunning-write-with-float
|
||||
* @tags reliability
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* of data written may overflow.
|
||||
* @kind path-problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 9.1
|
||||
* @precision medium
|
||||
* @id cpp/unbounded-write
|
||||
* @tags reliability
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* a specific value to terminate the argument list.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 9.8
|
||||
* @precision medium
|
||||
* @id cpp/unterminated-variadic-call
|
||||
* @tags reliability
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/unclear-array-index-validation
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 9.8
|
||||
* @tags security
|
||||
* external/cwe/cwe-129
|
||||
*/
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* terminator can cause a buffer overrun.
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 9.8
|
||||
* @precision high
|
||||
* @id cpp/no-space-for-terminator
|
||||
* @tags reliability
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* or data representation problems.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 9.8
|
||||
* @precision high
|
||||
* @id cpp/tainted-format-string
|
||||
* @tags reliability
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* or data representation problems.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 9.8
|
||||
* @precision high
|
||||
* @id cpp/tainted-format-string-through-global
|
||||
* @tags reliability
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/user-controlled-null-termination-tainted
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 5.5
|
||||
* @tags security
|
||||
* external/cwe/cwe-170
|
||||
*/
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* not validated can cause overflows.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.1
|
||||
* @precision low
|
||||
* @id cpp/tainted-arithmetic
|
||||
* @tags security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* validated can cause overflows.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.1
|
||||
* @precision medium
|
||||
* @id cpp/uncontrolled-arithmetic
|
||||
* @tags security
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/arithmetic-with-extreme-values
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.1
|
||||
* @precision low
|
||||
* @tags security
|
||||
* reliability
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* @id cpp/comparison-with-wider-type
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.8
|
||||
* @precision high
|
||||
* @tags reliability
|
||||
* security
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/integer-overflow-tainted
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.1
|
||||
* @precision low
|
||||
* @tags security
|
||||
* external/cwe/cwe-190
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* user can result in integer overflow.
|
||||
* @kind path-problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 8.1
|
||||
* @precision medium
|
||||
* @id cpp/uncontrolled-allocation-size
|
||||
* @tags reliability
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/unsigned-difference-expression-compared-zero
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.2
|
||||
* @precision medium
|
||||
* @tags security
|
||||
* correctness
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* vulnerable to spoofing attacks.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.7
|
||||
* @precision medium
|
||||
* @id cpp/user-controlled-bypass
|
||||
* @tags security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* to an attacker.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.5
|
||||
* @precision medium
|
||||
* @id cpp/cleartext-storage-buffer
|
||||
* @tags security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* to an attacker.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 6.5
|
||||
* @precision medium
|
||||
* @id cpp/cleartext-storage-file
|
||||
* @tags security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* database can expose it to an attacker.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 6.5
|
||||
* @precision medium
|
||||
* @id cpp/cleartext-storage-database
|
||||
* @tags security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* an attacker to compromise security.
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 7.5
|
||||
* @precision medium
|
||||
* @id cpp/weak-cryptographic-algorithm
|
||||
* @tags security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* attackers to retrieve portions of memory.
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 7.5
|
||||
* @precision very-high
|
||||
* @id cpp/openssl-heartbleed
|
||||
* @tags security
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* the two operations.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.0
|
||||
* @precision medium
|
||||
* @id cpp/toctou-race-condition
|
||||
* @tags security
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* @id cpp/unsafe-create-process-call
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 7.8
|
||||
* @precision medium
|
||||
* @msrc.severity important
|
||||
* @tags security
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/incorrect-string-type-conversion
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 9.8
|
||||
* @precision high
|
||||
* @tags security
|
||||
* external/cwe/cwe-704
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
* @description Creating a file that is world-writable can allow an attacker to write to the file.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.8
|
||||
* @precision medium
|
||||
* @id cpp/world-writable-file-creation
|
||||
* @tags security
|
||||
|
||||
@@ -7,6 +7,7 @@
|
||||
* @id cpp/unsafe-dacl-security-descriptor
|
||||
* @kind problem
|
||||
* @problem.severity error
|
||||
* @problem.security-severity 7.8
|
||||
* @precision high
|
||||
* @tags security
|
||||
* external/cwe/cwe-732
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/infinite-loop-with-unsatisfiable-exit-condition
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.5
|
||||
* @tags security
|
||||
* external/cwe/cwe-835
|
||||
*/
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/redundant-null-check-param
|
||||
* @problem.severity recommendation
|
||||
* @problem.security-severity 7.5
|
||||
* @tags reliability
|
||||
* security
|
||||
* external/cwe/cwe-476
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/late-check-of-function-argument
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.6
|
||||
* @precision medium
|
||||
* @tags correctness
|
||||
* security
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
* @description Use of one of the scanf functions without a specified length.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 9.8
|
||||
* @id cpp/memory-unsafe-function-scan
|
||||
* @tags reliability
|
||||
* security
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
* @description Using a multiplication result that may overflow in the size of an allocation may lead to buffer overflows when the allocated memory is used.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 8.1
|
||||
* @precision low
|
||||
* @tags security
|
||||
* correctness
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
* from these methods is not checked.
|
||||
* @kind problem
|
||||
* @problem.severity recommendation
|
||||
* @problem.security-severity 9.8
|
||||
* @id cpp/drop-linux-privileges-outoforder
|
||||
* @tags security
|
||||
* external/cwe/cwe-273
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* @kind problem
|
||||
* @id cpp/memory-leak-on-failed-call-to-realloc
|
||||
* @problem.severity warning
|
||||
* @problem.security-severity 7.5
|
||||
* @precision medium
|
||||
* @tags correctness
|
||||
* security
|
||||
|
||||
Reference in New Issue
Block a user