Merge pull request github#6815 from asgerf/js/adjust-security-severity-scores

codeql-ci · web-flow · commit a0dd3d9e75eb · 2021-10-07T02:36:19.000-07:00
Approved by erik-krogh, esbena
diff --git a/javascript/ql/src/Security/CWE-078/IndirectCommandInjection.ql b/javascript/ql/src/Security/CWE-078/IndirectCommandInjection.ql
@@ -5,7 +5,7 @@
  *              command-line injection vulnerabilities.
  * @kind path-problem
  * @problem.severity warning
- * @security-severity 9.8
+ * @security-severity 6.3
  * @precision medium
  * @id js/indirect-command-line-injection
  * @tags correctness
diff --git a/javascript/ql/src/Security/CWE-078/ShellCommandInjectionFromEnvironment.ql b/javascript/ql/src/Security/CWE-078/ShellCommandInjectionFromEnvironment.ql
@@ -4,7 +4,7 @@
  *              environment may cause subtle bugs or vulnerabilities.
  * @kind path-problem
  * @problem.severity warning
- * @security-severity 9.8
+ * @security-severity 6.3
  * @precision high
  * @id js/shell-command-injection-from-environment
  * @tags correctness
diff --git a/javascript/ql/src/Security/CWE-078/UnsafeShellCommandConstruction.ql b/javascript/ql/src/Security/CWE-078/UnsafeShellCommandConstruction.ql
@@ -4,7 +4,7 @@
  *              user to change the meaning of the command.
  * @kind path-problem
  * @problem.severity error
- * @security-severity 9.8
+ * @security-severity 6.3
  * @precision high
  * @id js/shell-command-constructed-from-input
  * @tags correctness
diff --git a/javascript/ql/src/Security/CWE-078/UselessUseOfCat.ql b/javascript/ql/src/Security/CWE-078/UselessUseOfCat.ql
@@ -3,7 +3,7 @@
  * @description Using the  `cat` process to read a file is unnecessarily complex, inefficient, unportable, and can lead to subtle bugs, or even security vulnerabilities.
  * @kind problem
  * @problem.severity error
- * @security-severity 9.8
+ * @security-severity 6.3
  * @precision high
  * @id js/unnecessary-use-of-cat
  * @tags correctness
diff --git a/javascript/ql/src/Security/CWE-094/CodeInjection.ql b/javascript/ql/src/Security/CWE-094/CodeInjection.ql
@@ -4,11 +4,12 @@
  *              code execution.
  * @kind path-problem
  * @problem.severity error
- * @security-severity 6.1
+ * @security-severity 9.3
  * @precision high
  * @id js/code-injection
  * @tags security
  *       external/cwe/cwe-094
+ *       external/cwe/cwe-095
  *       external/cwe/cwe-079
  *       external/cwe/cwe-116
  */
diff --git a/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql b/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql
@@ -3,7 +3,7 @@
  * @description Using external input in format strings can lead to garbled output.
  * @kind path-problem
  * @problem.severity warning
- * @security-severity 9.3
+ * @security-severity 7.3
  * @precision high
  * @id js/tainted-format-string
  * @tags security
diff --git a/javascript/ql/src/Security/CWE-834/LoopBoundInjection.ql b/javascript/ql/src/Security/CWE-834/LoopBoundInjection.ql
@@ -4,10 +4,11 @@
  *              property can cause indefinite looping.
  * @kind path-problem
  * @problem.severity warning
- * @security-severity 6.5
+ * @security-severity 7.5
  * @id js/loop-bound-injection
  * @tags security
  *       external/cwe/cwe-834
+ *       external/cwe/cwe-730
  * @precision high
  */
 
diff --git a/javascript/ql/src/Security/CWE-912/HttpToFileAccess.ql b/javascript/ql/src/Security/CWE-912/HttpToFileAccess.ql
@@ -3,7 +3,7 @@
  * @description Writing network data directly to the file system allows arbitrary file upload and might indicate a backdoor.
  * @kind path-problem
  * @problem.severity warning
- * @security-severity 9.8
+ * @security-severity 6.3
  * @precision medium
  * @id js/http-to-file-access
  * @tags security
