From fa471740138190d4ea96b4bcba6690a6ec5c3ac5 Mon Sep 17 00:00:00 2001
From: Napalys Klicius <napalys@github.com>
Date: Wed, 22 Oct 2025 11:32:33 +0000
Subject: [PATCH] CWE-020: Lower security-severity for OverlyLargeRange queries
 to 4.0

---
 java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql     | 2 +-
 javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql   | 2 +-
 python/ql/src/Security/CWE-020/OverlyLargeRange.ql       | 2 +-
 ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql b/java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql
index b8ea3e52dbd..5762785949e 100644
--- a/java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql
+++ b/java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
  *              This may allow an attacker to bypass a filter or sanitizer.
  * @kind problem
  * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
  * @precision high
  * @id java/overly-large-range
  * @tags correctness
diff --git a/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql b/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql
index 582a8975c8f..c5435e34758 100644
--- a/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql
+++ b/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
  *              This may allow an attacker to bypass a filter or sanitizer.
  * @kind problem
  * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
  * @precision high
  * @id js/overly-large-range
  * @tags correctness
diff --git a/python/ql/src/Security/CWE-020/OverlyLargeRange.ql b/python/ql/src/Security/CWE-020/OverlyLargeRange.ql
index 25acc667430..94bc74238bc 100644
--- a/python/ql/src/Security/CWE-020/OverlyLargeRange.ql
+++ b/python/ql/src/Security/CWE-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
  *              This may allow an attacker to bypass a filter or sanitizer.
  * @kind problem
  * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
  * @precision high
  * @id py/overly-large-range
  * @tags correctness
diff --git a/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql b/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql
index 62b088355b5..6f0f529a31d 100644
--- a/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql
+++ b/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
  *              This may allow an attacker to bypass a filter or sanitizer.
  * @kind problem
  * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
  * @precision high
  * @id rb/overly-large-range
  * @tags correctness