Update security-severity scores

2026-03-11 18:16:47 +01:00 · 2021-06-15 13:25:17 +01:00
parent 19305a217a
commit 771e686946
343 changed files with 343 additions and 343 deletions
--- a/java/ql/src/Frameworks/JavaEE/EJB/EjbContainerInterference.ql
+++ b/java/ql/src/Frameworks/JavaEE/EJB/EjbContainerInterference.ql
@@ -7,7 +7,7 @@
 *              Such operations could interfere with the EJB container's operation.
 * @kind problem
 * @problem.severity error
- * @security-severity 4.9
+ * @security-severity 5.8
 * @precision low
 * @id java/ejb/container-interference
 * @tags reliability
--- a/java/ql/src/Frameworks/JavaEE/EJB/EjbFileIO.ql
+++ b/java/ql/src/Frameworks/JavaEE/EJB/EjbFileIO.ql
@@ -5,7 +5,7 @@
 *              for enterprise components.
 * @kind problem
 * @problem.severity error
- * @security-severity 4.9
+ * @security-severity 5.8
 * @precision low
 * @id java/ejb/file-io
 * @tags reliability
--- a/java/ql/src/Frameworks/JavaEE/EJB/EjbNative.ql
+++ b/java/ql/src/Frameworks/JavaEE/EJB/EjbNative.ql
@@ -4,7 +4,7 @@
 *              Such use could compromise security and system stability.
 * @kind problem
 * @problem.severity error
- * @security-severity 4.9
+ * @security-severity 5.8
 * @precision low
 * @id java/ejb/native-code
 * @tags reliability
--- a/java/ql/src/Frameworks/JavaEE/EJB/EjbReflection.ql
+++ b/java/ql/src/Frameworks/JavaEE/EJB/EjbReflection.ql
@@ -4,7 +4,7 @@
 *              as this could compromise security.
 * @kind problem
 * @problem.severity error
- * @security-severity 4.9
+ * @security-severity 5.8
 * @precision low
 * @id java/ejb/reflection
 * @tags external/cwe/cwe-573
--- a/java/ql/src/Frameworks/JavaEE/EJB/EjbSecurityConfiguration.ql
+++ b/java/ql/src/Frameworks/JavaEE/EJB/EjbSecurityConfiguration.ql
@@ -5,7 +5,7 @@
 *              This functionality is reserved for the EJB container for security reasons.
 * @kind problem
 * @problem.severity error
- * @security-severity 4.9
+ * @security-severity 5.8
 * @precision low
 * @id java/ejb/security-configuration-access
 * @tags external/cwe/cwe-573
--- a/java/ql/src/Frameworks/JavaEE/EJB/EjbSerialization.ql
+++ b/java/ql/src/Frameworks/JavaEE/EJB/EjbSerialization.ql
@@ -4,7 +4,7 @@
 *              the Java serialization protocol, since their use could compromise security.
 * @kind problem
 * @problem.severity error
- * @security-severity 4.9
+ * @security-severity 5.8
 * @precision low
 * @id java/ejb/substitution-in-serialization
 * @tags external/cwe/cwe-573
--- a/java/ql/src/Frameworks/JavaEE/EJB/EjbSetSocketOrUrlFactory.ql
+++ b/java/ql/src/Frameworks/JavaEE/EJB/EjbSetSocketOrUrlFactory.ql
@@ -5,7 +5,7 @@
 *              compromise security or interfere with the EJB container's operation.
 * @kind problem
 * @problem.severity error
- * @security-severity 4.9
+ * @security-severity 5.8
 * @precision low
 * @id java/ejb/socket-or-stream-handler-factory
 * @tags reliability