CWE-020: Lower security-severity for OverlyLargeRange queries to 4.0

2025-12-16 16:53:25 +01:00 · 2025-10-22 11:32:33 +00:00
parent 7b6720ce2c
commit fa47174013
4 changed files with 4 additions and 4 deletions
--- a/java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql
+++ b/java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
 *              This may allow an attacker to bypass a filter or sanitizer.
 * @kind problem
 * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
 * @precision high
 * @id java/overly-large-range
 * @tags correctness
--- a/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql
+++ b/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
 *              This may allow an attacker to bypass a filter or sanitizer.
 * @kind problem
 * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
 * @precision high
 * @id js/overly-large-range
 * @tags correctness
--- a/python/ql/src/Security/CWE-020/OverlyLargeRange.ql
+++ b/python/ql/src/Security/CWE-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
 *              This may allow an attacker to bypass a filter or sanitizer.
 * @kind problem
 * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
 * @precision high
 * @id py/overly-large-range
 * @tags correctness
--- a/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql
+++ b/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
 *              This may allow an attacker to bypass a filter or sanitizer.
 * @kind problem
 * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
 * @precision high
 * @id rb/overly-large-range
 * @tags correctness