Merge pull request #8426 from atorralba/atorralba/missing-severities

aschackmull · web-flow · commit f1ec2e3260b6 · 2022-03-31T14:53:47.000+02:00
Java: Add missing security-severity scores
diff --git a/java/ql/src/Security/CWE/CWE-074/JndiInjection.ql b/java/ql/src/Security/CWE/CWE-074/JndiInjection.ql
@@ -4,6 +4,7 @@
  *              object and to execution of arbitrary code.
  * @kind path-problem
  * @problem.severity error
+ * @security-severity 9.8
  * @precision high
  * @id java/jndi-injection
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-074/XsltInjection.ql b/java/ql/src/Security/CWE/CWE-074/XsltInjection.ql
@@ -4,6 +4,7 @@
  *              information disclosure or execution of arbitrary code.
  * @kind path-problem
  * @problem.severity error
+ * @security-severity 9.8
  * @precision high
  * @id java/xslt-injection
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-094/GroovyInjection.ql b/java/ql/src/Security/CWE/CWE-094/GroovyInjection.ql
@@ -4,6 +4,7 @@
  *              may lead to arbitrary code execution.
  * @kind path-problem
  * @problem.severity error
+ * @security-severity 9.3
  * @precision high
  * @id java/groovy-injection
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-094/MvelInjection.ql b/java/ql/src/Security/CWE/CWE-094/MvelInjection.ql
@@ -4,6 +4,7 @@
  *              may lead to remote code execution.
  * @kind path-problem
  * @problem.severity error
+ * @security-severity 9.3
  * @precision high
  * @id java/mvel-expression-injection
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-094/SpelInjection.ql b/java/ql/src/Security/CWE/CWE-094/SpelInjection.ql
@@ -4,6 +4,7 @@
  *              may lead to remote code execution.
  * @kind path-problem
  * @problem.severity error
+ * @security-severity 9.3
  * @precision high
  * @id java/spel-expression-injection
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql b/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql
@@ -3,6 +3,7 @@
  * @description Writing information without explicit permissions to a shared temporary directory may disclose it to other users.
  * @kind path-problem
  * @problem.severity warning
+ * @security-severity 6.5
  * @precision medium
  * @id java/local-temp-file-or-directory-information-disclosure
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql b/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
@@ -5,6 +5,7 @@
  *              the app vulnerable to man-in-the-middle attacks.
  * @kind problem
  * @problem.severity warning
+ * @security-severity 9.8
  * @precision medium
  * @id java/unsafe-cert-trust
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-312/CleartextStorageAndroidDatabase.ql b/java/ql/src/Security/CWE/CWE-312/CleartextStorageAndroidDatabase.ql
@@ -5,6 +5,7 @@
  *              privileges or unexpected exposure from chained vulnerabilities.
  * @kind problem
  * @problem.severity warning
+ * @security-severity 7.5
  * @precision medium
  * @id java/android/cleartext-storage-database
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-312/CleartextStorageAndroidFilesystem.ql b/java/ql/src/Security/CWE/CWE-312/CleartextStorageAndroidFilesystem.ql
@@ -5,6 +5,7 @@
  *              from chained vulnerabilities.
  * @kind problem
  * @problem.severity warning
+ * @security-severity 7.5
  * @precision medium
  * @id java/android/cleartext-storage-filesystem
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-312/CleartextStorageSharedPrefs.ql b/java/ql/src/Security/CWE/CWE-312/CleartextStorageSharedPrefs.ql
@@ -5,6 +5,7 @@
  *              privileges or unexpected exposure from chained vulnerabilities.
  * @kind problem
  * @problem.severity warning
+ * @security-severity 7.5
  * @precision medium
  * @id java/android/cleartext-storage-shared-prefs
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-522/InsecureBasicAuth.ql b/java/ql/src/Security/CWE/CWE-522/InsecureBasicAuth.ql
@@ -6,6 +6,7 @@
  *              the data vulnerable to packet sniffing.
  * @kind path-problem
  * @problem.severity warning
+ * @security-severity 8.8
  * @precision medium
  * @id java/insecure-basic-auth
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-749/UnsafeAndroidAccess.ql b/java/ql/src/Security/CWE/CWE-749/UnsafeAndroidAccess.ql
@@ -4,6 +4,7 @@
  *              application files and web resources from any origin exposing them to attack.
  * @kind path-problem
  * @problem.severity warning
+ * @security-severity 6.1
  * @precision medium
  * @id java/android/unsafe-android-webview-fetch
  * @tags security
diff --git a/java/ql/src/Security/CWE/CWE-917/OgnlInjection.ql b/java/ql/src/Security/CWE/CWE-917/OgnlInjection.ql
@@ -4,6 +4,7 @@
  *                lead to execution of arbitrary code.
  * @kind path-problem
  * @problem.severity error
+ * @security-severity 9.8
  * @precision high
  * @id java/ognl-injection
  * @tags security
diff --git a/java/ql/src/change-notes/2022-03-14-missing-security-severities.md b/java/ql/src/change-notes/2022-03-14-missing-security-severities.md
@@ -0,0 +1,4 @@
+---
+category: queryMetadata
+---
+* Added the `security-severity` tag to several queries.
