Merge pull request #10180 from erik-krogh/fixTags

Add missing security tags
2026-04-29 10:45:15 +02:00 · 2022-09-02 08:04:57 +02:00
parent 7584434b80 b1e53280a6
commit 6cee635cb5
14 changed files with 17 additions and 7 deletions
--- a/python/ql/src/Security/CWE-730/PolynomialReDoS.ql
+++ b/python/ql/src/Security/CWE-730/PolynomialReDoS.ql
@@ -4,6 +4,7 @@
 *              to match may be vulnerable to denial-of-service attacks.
 * @kind path-problem
 * @problem.severity warning
+ * @security-severity 7.5
 * @precision high
 * @id py/polynomial-redos
 * @tags security
--- a/python/ql/src/Security/CWE-730/ReDoS.ql
+++ b/python/ql/src/Security/CWE-730/ReDoS.ql
@@ -5,6 +5,7 @@
 *              attacks.
 * @kind problem
 * @problem.severity error
+ * @security-severity 7.5
 * @precision high
 * @id py/redos
 * @tags security
--- a/python/ql/src/Security/CWE-730/RegexInjection.ql
+++ b/python/ql/src/Security/CWE-730/RegexInjection.ql
@@ -5,6 +5,7 @@
 *              exponential time on certain inputs.
 * @kind path-problem
 * @problem.severity error
+ * @security-severity 7.5
 * @precision high
 * @id py/regex-injection
 * @tags security
--- a/python/ql/src/change-notes/2022-08-29-missing-security-severity.md
+++ b/python/ql/src/change-notes/2022-08-29-missing-security-severity.md
@@ -0,0 +1,4 @@
+---
+category: queryMetadata
+---
+* Added the `security-severity` tag the `py/redos`, `py/polynomial-redos`, and `py/regex-injection` queries.