Align Java CommandInjectionRuntimeExec.ql Severity

Open JLLeitschuh opened this issue 1 year ago • 1 comments

Align severity with other command injection vulnerabilities:

  • https://github.com/github/codeql/blob/4a448f445e79b9baa07a302d8062fe9f0fcb00b9/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql#L8
  • https://github.com/github/codeql/blob/4a448f445e79b9baa07a302d8062fe9f0fcb00b9/go/ql/src/Security/CWE-078/CommandInjection.ql#L7
  • https://github.com/github/codeql/blob/4a448f445e79b9baa07a302d8062fe9f0fcb00b9/swift/ql/src/queries/Security/CWE-078/CommandInjection.ql#L7
  • https://github.com/github/codeql/blob/4a448f445e79b9baa07a302d8062fe9f0fcb00b9/javascript/ql/src/Security/CWE-078/CommandInjection.ql#L7

JLLeitschuh, Jun 21 '24 14:06

Related #16807

JLLeitschuh, Jun 21 '24 14:06