Set CWE-134 from 9.3 to 7.3 CVSS score for memory safe languages

- Sync up to score given to javascript/ruby
2026-04-30 11:15:13 +02:00 · 2025-05-19 14:43:08 -04:00
parent e6235a57e7
commit 8a81aa1762
3 changed files with 3 additions and 3 deletions
--- a/Features/CWE-134/UncontrolledFormatString.ql
+++ b/Features/CWE-134/UncontrolledFormatString.ql
@@ -4,7 +4,7 @@
 *              and cause a denial of service.
 * @kind path-problem
 * @problem.severity error
- * @security-severity 9.3
+ * @security-severity 7.3
 * @precision high
 * @id cs/uncontrolled-format-string
 * @tags security