diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsAllowsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsAllowsContentAccess.ql
index 7ac14ff3c48..0026fbd47c7 100644
--- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsAllowsContentAccess.ql
+++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsAllowsContentAccess.ql
@@ -65,7 +65,7 @@ private newtype WebViewOrSettings =
   IsWebView() or
   IsSettings()
 
-private module WebViewDisallowContentAccessConfiguration implements DataFlow::StateConfigSig {
+private module WebViewDisallowContentAccessConfig implements DataFlow::StateConfigSig {
   class FlowState = WebViewOrSettings;
 
   predicate isSource(DataFlow::Node node, FlowState state) {
@@ -102,7 +102,7 @@ private module WebViewDisallowContentAccessConfiguration implements DataFlow::St
 }
 
 module WebViewDisallowContentAccessFlow =
-  TaintTracking::MakeWithState<WebViewDisallowContentAccessConfiguration>;
+  TaintTracking::MakeWithState<WebViewDisallowContentAccessConfig>;
 
 from Expr e
 where
diff --git a/java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql b/java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql
index e1a94c62dba..6055089433e 100644
--- a/java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql
+++ b/java/ql/src/Security/CWE/CWE-297/UnsafeHostnameVerification.ql
@@ -44,7 +44,7 @@ class TrustAllHostnameVerifier extends RefType {
 /**
  * A configuration to model the flow of a `TrustAllHostnameVerifier` to a `set(Default)HostnameVerifier` call.
  */
-private module TrustAllHostnameVerifierConfiguration implements DataFlow::ConfigSig {
+private module TrustAllHostnameVerifierConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) {
     source.asExpr().(ClassInstanceExpr).getConstructedType() instanceof TrustAllHostnameVerifier
   }
@@ -77,7 +77,7 @@ private module TrustAllHostnameVerifierConfiguration implements DataFlow::Config
   }
 }
 
-module TrustAllHostnameVerifierFlow = DataFlow::Make<TrustAllHostnameVerifierConfiguration>;
+module TrustAllHostnameVerifierFlow = DataFlow::Make<TrustAllHostnameVerifierConfig>;
 
 import TrustAllHostnameVerifierFlow::PathGraph
 
diff --git a/java/ql/src/Security/CWE/CWE-643/XPathInjection.ql b/java/ql/src/Security/CWE/CWE-643/XPathInjection.ql
index ea6aa713d9e..df68af6e4a8 100644
--- a/java/ql/src/Security/CWE/CWE-643/XPathInjection.ql
+++ b/java/ql/src/Security/CWE/CWE-643/XPathInjection.ql
@@ -16,13 +16,13 @@ import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.security.XPath
 
-private module XPathInjectionConfiguration implements DataFlow::ConfigSig {
+private module XPathInjectionConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
   predicate isSink(DataFlow::Node sink) { sink instanceof XPathInjectionSink }
 }
 
-module XPathInjectionFlow = TaintTracking::Make<XPathInjectionConfiguration>;
+module XPathInjectionFlow = TaintTracking::Make<XPathInjectionConfig>;
 
 import XPathInjectionFlow::PathGraph