
Update severity levels

Jason Leasure requested to merge 398574-update-severity-levels into main

What does this MR do?

Update the `security-severity` metadata level for a large number of rules (full list below).

Full list of changes
- Update `c/access/rule-RpcImpersonateClient-ImpersonateLoggedOnUser` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/access/rule-umask` `security-severity` metadata from `INFO` to `High`
- Update `c/buffer/rule-MultiByteToWideChar` `security-severity` metadata from `INFO` to `High`
- Update `c/buffer/rule-StrCat-StrCatA` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-fscanf-sscanf` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-g-get-home-dir` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/buffer/rule-g-get-tmp-dir` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/buffer/rule-getenv-curl-getenv` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/buffer/rule-gets--getts` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-getwd` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/buffer/rule-lstrcat-wcscat` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-lstrcatn-wcsncat` `security-severity` metadata from `INFO` to `High`
- Update `c/buffer/rule-lstrcpy-wcscpy` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-lstrcpyn-wcsncpy` `security-severity` metadata from `INFO` to `High`
- Update `c/buffer/rule-memcpy-CopyMemory` `security-severity` metadata from `INFO` to `High`
- Update `c/buffer/rule-realpath` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/buffer/rule-scanf-vscanf` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-sprintf-vsprintf` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-strcat` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-strccpy-strcadd` `security-severity` metadata from `INFO` to `High`
- Update `c/buffer/rule-strcpy` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-strcpyA-strcpyW` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-streadd-strecpy` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/buffer/rule-strlen-wcslen` `security-severity` metadata from `INFO` to `High`
- Update `c/buffer/rule-strncat` `security-severity` metadata from `INFO` to `High`
- Update `c/buffer/rule-strncpy` `security-severity` metadata from `INFO` to `High`
- Update `c/buffer/rule-strtrns` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/crypto/rule-EVP-des-ecb-EVP-des-cbc` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `c/crypto/rule-EVP-rc4-40-EVP-rc2-40-cbc` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `c/crypto/rule-crypt-crypt-r` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `c/format/rule-fprintf-vfprintf` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/format/rule-printf-vprintf` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/format/rule-snprintf-vsnprintf` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/format/rule-syslog` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/free/rule-memalign` `security-severity` metadata from `INFO` to `High`
- Update `c/integer/rule-atoi-atol` `security-severity` metadata from `INFO` to `Medium`
- Update `c/misc/rule-AddAccessAllowedAce` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/misc/rule-LoadLibrary` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/misc/rule-LoadLibraryEx` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/misc/rule-SetSecurityDescriptorDacl` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `c/misc/rule-cuserid` `security-severity` metadata from `CRITICAL` to `Low`
- Update `c/misc/rule-fopen-open` `security-severity` metadata from `INFO` to `Medium`
- Update `c/misc/rule-getlogin` `security-severity` metadata from `CRITICAL` to `Low`
- Update `c/misc/rule-getpass` `security-severity` metadata from `CRITICAL` to `Low`
- Update `c/obsolete/rule-gsignal-ssignal` `security-severity` metadata from `INFO` to `Info`
- Update `c/obsolete/rule-ulimit` `security-severity` metadata from `INFO` to `Info`
- Update `c/obsolete/rule-usleep` `security-severity` metadata from `INFO` to `Info`
- Update `c/race/rule-access` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `c/race/rule-chmod` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `c/race/rule-chown` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `c/race/rule-readlink` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `c/race/rule-vfork` `security-severity` metadata from `INFO` to `Medium`
- Update `c/random/rule-drand48-erand48` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `c/shell/rule-CreateProcess` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/shell/rule-CreateProcessAsUser-CreateProcessWithLogon` `security-severity` metadata from `MEDIUM` to `High`
- Update `c/shell/rule-execl-execlp` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/shell/rule-system` `security-severity` metadata from `CRITICAL` to `High`
- Update `c/tmpfile/rule-GetTempFileName` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `c/tmpfile/rule-mkstemp` `security-severity` metadata from `INFO` to `Medium`
- Update `c/tmpfile/rule-mktemp` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `c/tmpfile/rule-tmpfile` `security-severity` metadata from `INFO` to `Medium`
- Update `c/tmpfile/rule-tmpnam-tempnam` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/cookies/rule-CookieWithoutHttpOnlyFlag` `security-severity` metadata from `MEDIUM` to `Low`
- Update `csharp/cookies/rule-CookieWithoutSSLFlag` `security-severity` metadata from `MEDIUM` to `Low`
- Update `csharp/crypto/rule-CertificateValidationDisabled` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/crypto/rule-WeakCipherAlgorithm` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/crypto/rule-WeakCipherMode` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/crypto/rule-WeakHashingFunction` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/crypto/rule-WeakRNG` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/csrf/rule-Csrf` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/deserialization/rule-InsecureDeserialization` `security-severity` metadata from `MEDIUM` to `High`
- Update `csharp/endpoint/rule-UnvalidatedRedirect` `security-severity` metadata from `MEDIUM` to `Info`
- Update `csharp/injection/rule-CommandInjection` `security-severity` metadata from `CRITICAL` to `High`
- Update `csharp/injection/rule-LdapInjection` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/injection/rule-SQLInjection` `security-severity` metadata from `CRITICAL` to `High`
- Update `csharp/injection/rule-XPathInjection` `security-severity` metadata from `INFO` to `Medium`
- Update `csharp/injection/rule-XmlDocumentXXEInjection` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/other/rule-UnsafeXSLTSettingUsed` `security-severity` metadata from `MEDIUM` to `High`
- Update `csharp/password/rule-PasswordComplexity` `security-severity` metadata from `MEDIUM` to `Info`
- Update `csharp/path/rule-PathTraversal` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `csharp/validation/rule-InputValidation` `security-severity` metadata from `MEDIUM` to `Info`
- Update `csharp/xss/rule-HtmlElementXss` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/blocklist/rule-blocklist-des` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/blocklist/rule-blocklist-md5` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/blocklist/rule-blocklist-rc4` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/blocklist/rule-blocklist-sha1` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/crypto/rule-badtlssettings` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/crypto/rule-insecure-ignore-host-key` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/crypto/rule-tlsversion` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/crypto/rule-weakkeystrength` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/crypto/rule-weakrandsource` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/file_permissions/rule-fileperm` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/file_permissions/rule-mkdir` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/filesystem/rule-decompression-bomb` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/filesystem/rule-httprootdir` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/filesystem/rule-fileread` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/filesystem/rule-poorwritepermissions` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/filesystem/rule-tempfiles` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/filesystem/rule-ziparchive` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/http/rule-http-serve` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/injection/rule-ssrf` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/injection/rule-template-injection` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `go/leak/rule-pprof-endpoint` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `go/memory/rule-integer-overflow` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `go/memory/rule-memoryaliasing` `security-severity` metadata from `MEDIUM` to `Info`
- Update `go/network/rule-bind-to-all-interfaces` `security-severity` metadata from `MEDIUM` to `Low`
- Update `go/sql/rule-concat-sqli` `security-severity` metadata from `MEDIUM` to `High`
- Update `go/subproc/rule-subproc` `security-severity` metadata from `MEDIUM` to `High`
- Update `go/unsafe/rule-unsafe` `security-severity` metadata from `INFO` to `High`
- Update `java/cookie/rule-CookieHTTPOnly` `security-severity` metadata from `MEDIUM` to `Low`
- Update `java/cookie/rule-CookieInsecure` `security-severity` metadata from `MEDIUM` to `Low`
- Update `java/cookie/rule-HttpResponseSplitting` `security-severity` metadata from `MEDIUM` to `High`
- Update `java/cookie/rule-RequestParamToHeader` `security-severity` metadata from `CRITICAL` to `High`
- Update `java/cors/rule-PermissiveCORSInjection` `security-severity` metadata from `CRITICAL` to `Low`
- Update `java/crypto/rule-BlowfishKeySize` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-CipherDESInsecure` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-CipherDESedeInsecure` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-CipherECBMode` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `java/crypto/rule-CipherIntegrity` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `java/crypto/rule-CipherPaddingOracle` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `java/crypto/rule-CustomMessageDigest` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-HazelcastSymmetricEncryption` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-InsufficientKeySizeRsa` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-NullCipher` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-RsaNoPadding` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-WeakMessageDigest` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-WeakTLSProtocol` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/crypto/rule-WeakTLSProtocolVersion` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `rules/lgpl-cc/java/csrf/rule-SpringCSRFDisabled` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/endpoint/rule-UnvalidatedRedirect` `security-severity` metadata from `CRITICAL` to `Info`
- Update `java/file/rule-FileUploadFileName` `security-severity` metadata from `MEDIUM` to `Info`
- Update `java/file/rule-FilenameUtils` `security-severity` metadata from `MEDIUM` to `Info`
- Update `java/inject/rule-CommandInjection` `security-severity` metadata from `MEDIUM` to `High`
- Update `java/inject/rule-ELInjection` `security-severity` metadata from `MEDIUM` to `Info`
- Update `java/inject/rule-HttpParameterPollution` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `java/inject/rule-LDAPInjection` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/inject/rule-OgnlInjection` `security-severity` metadata from `MEDIUM` to `High`
- Update `java/inject/rule-SpotbugsPathTraversalAbsolute` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `rules/lgpl-cc/java/inject/rule-SqlInjection` `security-severity` metadata from `CRITICAL` to `High`
- Update `java/ldap/rule-AnonymousLDAP` `security-severity` metadata from `MEDIUM` to `High`
- Update `java/password/rule-ConstantDBPassword` `security-severity` metadata from `MEDIUM` to `High`
- Update `java/password/rule-EmptyDBPassword` `security-severity` metadata from `MEDIUM` to `High`
- Update `java/password/rule-HardcodeKeyEquals` `security-severity` metadata from `MEDIUM` to `High`
- Update `java/password/rule-HardcodePassword` `security-severity` metadata from `CRITICAL` to `High`
- Update `java/perm/rule-DangerousPermissions` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/perm/rule-OverlyPermissiveFilePermissionInline` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/random/rule-PseudoRandom` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/script/rule-ScriptInjection` `security-severity` metadata from `CRITICAL` to `High`
- Update `java/script/rule-SpringSpelExpressionParser` `security-severity` metadata from `CRITICAL` to `High`
- Update `java/smtp/rule-InsecureSmtp` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `java/smtp/rule-SmtpClient` `security-severity` metadata from `CRITICAL` to `Low`
- Update `java/ssrf/rule-SSRF` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `java/strings/rule-BadHexConversion` `security-severity` metadata from `MEDIUM` to `Info`
- Update `java/strings/rule-FormatStringManipulation` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `java/strings/rule-ModifyAfterValidation` `security-severity` metadata from `MEDIUM` to `Info`
- Update `java/strings/rule-NormalizeAfterValidation` `security-severity` metadata from `MEDIUM` to `Info`
- Update `java/templateinjection/rule-TemplateInjection` `security-severity` metadata from `CRITICAL` to `High`
- Update `java/unsafe/rule-ExternalConfigControl` `security-severity` metadata from `MEDIUM` to `Low`
- Update `java/xml/rule-SAMLIgnoreComments` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/xml/rule-XmlDecoder` `security-severity` metadata from `MEDIUM` to `High`
- Update `java/xml/rule-XsltTransform` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `rules/lgpl-cc/java/xpathi/rule-XpathInjection` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `java/xss/rule-WicketXSS` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/xss/rule-XSSReqParamToServletWriter` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `java/xxe/rule-XMLRdr` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `java/xxe/rule-XMLStreamRdr` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `javascript/buf/rule-buffer-noassert` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `javascript/buf/rule-detect-new-buffer` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `javascript/dos/rule-non-literal-regexp` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `javascript/eval/rule-eval-with-expression` `security-severity` metadata from `MEDIUM` to `High`
- Update `javascript/pathtraversal/rule-non-literal-fs-filename` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `javascript/random/rule-pseudo-random-bytes` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `javascript/react/rule-dangerouslysetinnerhtml` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `javascript/require/rule-non-literal-require` `security-severity` metadata from `MEDIUM` to `Low`
- Update `javascript/timing/rule-possible-timing-attacks` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `javascript/xss/rule-mustache-escape` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/assert/rule-assert-used` `security-severity` metadata from `INFO` to `Info`
- Update `python/bind_all_interfaces/rule-general-bindall-interfaces` `security-severity` metadata from `INFO` to `Low`
- Update `python/crypto/rule-cipher-modes` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-hazmat-hash-md5` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-hazmat-hash-sha1` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-cipher-blowfish` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-cipher-des` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-cipher-rc2` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-cipher-rc4` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-cipher-xor` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-encrypt-dsa-rsa` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `python/crypto/rule-crypto-encrypt-ec` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `python/crypto/rule-crypto-hash-md5` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-hash-sha1` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-hazmat-cipher-arc4` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-hazmat-cipher-blowfish` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-crypto-hazmat-cipher-idea` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-hash-md2` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-hash-md4` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-hash-md5` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-hash-sha1` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-hashlib-new-insecure-functions` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/crypto/rule-import-pycrypto` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `python/deserialization/rule-cpickle` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/deserialization/rule-dill` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/deserialization/rule-marshal` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/deserialization/rule-pickle` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/deserialization/rule-shelve` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/deserialization/rule-yaml-load` `security-severity` metadata from `CRITICAL` to `High`
- Update `python/django/rule-django-extra-used` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/escaping/rule-django` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/escaping/rule-jinja2-autoescape-false` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/escaping/rule-use-of-mako-templates` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/eval/rule-eval` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/exec/rule-exec-used` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/exec/rule-linux-command-wildcard-injection` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/exec/rule-os-path` `security-severity` metadata from `INFO` to `High`
- Update `python/exec/rule-os-popen2` `security-severity` metadata from `INFO` to `High`
- Update `python/exec/rule-paramiko-calls` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/exec/rule-start-process-partial-path` `security-severity` metadata from `INFO` to `High`
- Update `python/exec/rule-start-process-path` `security-severity` metadata from `CRITICAL` to `High`
- Update `python/exec/rule-start-process-with-no-shell` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/exec/rule-subprocess-call` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/exec/rule-subprocess-call-array` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/exec/rule-subprocess-popen-shell-true` `security-severity` metadata from `CRITICAL` to `High`
- Update `python/exec/rule-subprocess-shell-TRUE` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/file_permissions/rule-general-bad-permission` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/files/rule-tarfile-unsafe-members` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/flask/rule-app-debug` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/ftp/rule-ftplib` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/log/rule-logging-config-insecure-listen` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/random/rule-random` `security-severity` metadata from `INFO` to `Medium`
- Update `python/requests/rule-request-without-timeout` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/snmp/rule-insecure-snmp-version` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/snmp/rule-snmp-weak-cryptography` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/sql/rule-hardcoded-sql-expression` `security-severity` metadata from `MEDIUM` to `High`
- Update `python/ssh/rule-ssh-nohost-key-verification` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `python/ssl/rule-req-no-certvalid` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `python/ssl/rule-ssl-no-version` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/ssl/rule-ssl-with-bad-version` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `python/ssl/rule-unverified-context` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `python/telnet/rule-import-telnib` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `python/tmpdir/rule-hardcodedtmp` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/tmpdir/rule-mktemp-q` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `python/urlopen/rule-urllib-urlopen` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/xml/rule-celement` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/xml/rule-element` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/xml/rule-etree` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/xml/rule-expatbuilder` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/xml/rule-expatreader` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/xml/rule-minidom` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/xml/rule-pulldom` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `python/xml/rule-sax` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/cookie/rule-CookieHTTPOnly` `security-severity` metadata from `MEDIUM` to `Low`
- Update `scala/cookie/rule-CookieInsecure` `security-severity` metadata from `MEDIUM` to `Low`
- Update `scala/cookie/rule-CookiePersistent` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/cookie/rule-CookieUsage` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/cookie/rule-HttpResponseSplitting` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/cookie/rule-RequestParamToCookie` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/cookie/rule-RequestParamToHeader` `security-severity` metadata from `CRITICAL` to `High`
- Update `scala/cookie/rule-TrustBoundaryViolation` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/cors/rule-PermissiveCORS` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/cors/rule-PermissiveCORSInjection` `security-severity` metadata from `CRITICAL` to `Low`
- Update `scala/crypto/rule-BlowfishKeySize` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/crypto/rule-CipherDESInsecure` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/crypto/rule-CipherDESedeInsecure` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/crypto/rule-CipherECBMode` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/crypto/rule-CipherIntegrity` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/crypto/rule-CipherPaddingOracle` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/crypto/rule-CustomMessageDigest` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/crypto/rule-DefaultHTTPClient` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/crypto/rule-HazelcastSymmetricEncryption` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/crypto/rule-InsufficientKeySizeRsa` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/crypto/rule-NullCipher` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/crypto/rule-RsaNoPadding` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/crypto/rule-WeakMessageDigest` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/crypto/rule-WeakTLSProtocol` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/endpoint/rule-InsecureServlet` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/endpoint/rule-JaxRsEndpoint` `security-severity` metadata from `INFO` to `Medium`
- Update `scala/endpoint/rule-JaxWsEndpoint` `security-severity` metadata from `INFO` to `Info`
- Update `scala/endpoint/rule-UnencryptedSocket` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/endpoint/rule-UnvalidatedRedirect` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/endpoint/rule-WeakHostNameVerification` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/file/rule-FileUploadFileName` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/file/rule-FilenameUtils` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/form/rule-FormValidate` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/inject/rule-AWSQueryInjection` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/inject/rule-BeanPropertyInjection` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/inject/rule-CLRFInjectionLogs` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/inject/rule-CommandInjection` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/inject/rule-CustomInjection` `security-severity` metadata from `MEDIUM` to `Low`
- Update `scala/inject/rule-CustomInjectionSQLString` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/inject/rule-ELInjection` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/inject/rule-FileDisclosure` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/inject/rule-HttpParameterPollution` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/inject/rule-LDAPInjection` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/inject/rule-OgnlInjection` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/inject/rule-PathTraversalIn` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/inject/rule-PathTraversalOut` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/inject/rule-SpotbugsPathTraversalAbsolute` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/inject/rule-SpotbugsPathTraversalRelative` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/inject/rule-SqlInjection` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/ldap/rule-AnonymousLDAP` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/ldap/rule-EntryPoisoning` `security-severity` metadata from `CRITICAL` to `High`
- Update `scala/password/rule-ConstantDBPassword` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/password/rule-EmptyDBPassword` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/password/rule-HardcodeKey` `security-severity` metadata from `CRITICAL` to `High`
- Update `scala/password/rule-HardcodeKeyEquals` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/password/rule-HardcodeKeySuspiciousName` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/password/rule-HardcodeKeySuspiciousValue` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/password/rule-HardcodePassword` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/perm/rule-DangerousPermissions` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/perm/rule-OverlyPermissiveFilePermissionInline` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/perm/rule-OverlyPermissiveFilePermissionObj` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/random/rule-PseudoRandom` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/script/rule-ScriptInjection` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/script/rule-SpelView` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/smtp/rule-InsecureSmtp` `security-severity` metadata from `CRITICAL` to `High`
- Update `scala/smtp/rule-SmtpClient` `security-severity` metadata from `CRITICAL` to `High`
- Update `scala/ssrf/rule-PlaySSRF` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/ssrf/rule-SSRF` `security-severity` metadata from `CRITICAL` to `Low`
- Update `scala/strings/rule-BadHexConversion` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/strings/rule-FormatStringManipulation` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/strings/rule-ImproperUnicode` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/strings/rule-ModifyAfterValidation` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/strings/rule-NormalizeAfterValidation` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/templateinjection/rule-TemplateInjection` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/unsafe/rule-ExternalConfigControl` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/unsafe/rule-InformationExposure` `security-severity` metadata from `MEDIUM` to `Low`
- Update `scala/unsafe/rule-InformationExposureVariant2` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/unsafe/rule-SensitiveDataExposure` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/xml/rule-ApacheXmlRpc` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/xml/rule-SAMLIgnoreComments` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/xml/rule-XmlDecoder` `security-severity` metadata from `MEDIUM` to `High`
- Update `scala/xml/rule-XsltTransform` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/xpathi/rule-XpathInjection` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/xss/rule-MVCApi` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/xss/rule-RequestWrapper` `security-severity` metadata from `INFO` to `Medium`
- Update `scala/xss/rule-WicketXSS` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/xss/rule-XSSReqParamToServletWriter` `security-severity` metadata from `MEDIUM` to `Medium`
- Update `scala/xss/rule-XSSServlet` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/xss/rule-XSSServletParameter` `security-severity` metadata from `MEDIUM` to `Info`
- Update `scala/xxe/rule-Document` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/xxe/rule-SaxParserXXE` `security-severity` metadata from `CRITICAL` to `Info`
- Update `scala/xxe/rule-Trans` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/xxe/rule-XMLRdr` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/xxe/rule-XMLStreamRdr` `security-severity` metadata from `CRITICAL` to `Medium`
- Update `scala/xxe/rule-XPathXXE` `security-severity` metadata from `CRITICAL` to `Medium`

What are the relevant issue numbers?

Include security severity levels in semgrep rules (gitlab-org/gitlab#398574 - closed) • Unassigned • 17.0

Does this MR meet the acceptance criteria?

  • The test cases cover both positive and negative cases and are also annotated with appropriate semgrep annotations:
    • For positive cases: // ruleid: ...
    • For negative cases: // ok: ...
  • Following metadata fields exist for the rule(s) added/updated in this MR:
    • owasp with both 2017 and 2021 mappings.
    • category: "security"
    • cwe
    • shortDescription
    • security-severity
  • The message field is valid and contains a secure code example.
  • Applicable license is mentioned in the rule if embedded/taken from external source.
  • Relevant labels including workflow labels are appropriately selected.
Edited by Craig Smith
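Many entries in the list above only change the casing of the value (for example `MEDIUM` to `Medium`), while others move a rule to a different level. The checker below is an added example, not code from this MR or the rules repository: it lints a loaded rule for the metadata fields in the acceptance criteria (title-case `security-severity`, `category: security`, `cwe`, `shortDescription`, an `owasp` mapping with both a 2017 and a 2021 entry) and checks that a test file carries both `// ruleid:` and `// ok:` annotations. The rule id `rule-system`, the OWASP string format, the sample rule and test file, and `Critical` remaining a valid level are all assumptions.

```python
import re

# Title-case values the list above assigns (Critical is assumed to remain valid);
# the uppercase spellings CRITICAL/MEDIUM/INFO are the form being replaced.
ALLOWED_SEVERITIES = {"Info", "Low", "Medium", "High", "Critical"}
REQUIRED_METADATA = ("owasp", "category", "cwe", "shortDescription", "security-severity")

# Assumed format of the OWASP Top 10 mapping strings, e.g. "A1:2017-Injection"
# and "A03:2021-Injection"; adjust if the repository uses another convention.
OWASP_2017 = re.compile(r"^A\d{1,2}:2017-")
OWASP_2021 = re.compile(r"^A\d{2}:2021-")

# Semgrep test annotations named in the checklist: "// ruleid: <id>" marks a line
# the rule must flag, "// ok: <id>" a line it must not ("#" for Python tests).
ANNOTATION = re.compile(r"(?://|#)\s*(ruleid|ok):\s*(\S+)")


def lint_metadata(rule):
    """Return the checklist violations in one rule dict (as yaml.safe_load would give)."""
    problems = []
    meta = rule.get("metadata") or {}
    for key in REQUIRED_METADATA:
        if key not in meta:
            problems.append(f"missing metadata field '{key}'")
    if "category" in meta and meta["category"] != "security":
        problems.append(f"category must be 'security', got {meta['category']!r}")
    owasp = meta.get("owasp")
    if owasp is not None:
        entries = owasp if isinstance(owasp, list) else [owasp]
        if not any(OWASP_2017.match(str(e)) for e in entries):
            problems.append("owasp mapping lacks a 2017 entry")
        if not any(OWASP_2021.match(str(e)) for e in entries):
            problems.append("owasp mapping lacks a 2021 entry")
    sev = meta.get("security-severity")
    if sev is not None and sev not in ALLOWED_SEVERITIES:
        hint = " (legacy uppercase form)" if str(sev).isupper() else ""
        problems.append(
            f"security-severity {sev!r} not in {sorted(ALLOWED_SEVERITIES)}{hint}")
    return problems


def lint_test_annotations(rule_id, test_source):
    """Check that a test file has both ruleid and ok cases, all naming this rule."""
    problems = []
    counts = {"ruleid": 0, "ok": 0}
    for line_no, line in enumerate(test_source.splitlines(), 1):
        match = ANNOTATION.search(line)
        if not match:
            continue
        kind, annotated_id = match.groups()
        if annotated_id != rule_id:
            problems.append(
                f"line {line_no}: annotation names {annotated_id!r}, expected {rule_id!r}")
        counts[kind] += 1
    if counts["ruleid"] == 0:
        problems.append("no positive test case (// ruleid: ...)")
    if counts["ok"] == 0:
        problems.append("no negative test case (// ok: ...)")
    return problems


# Constructed sample: a rule in its pre-MR state and the same rule after the update.
RULE_BEFORE = {
    "id": "rule-system",
    "message": "system() runs its argument through a shell; call execve() with an "
               "argument array instead of building a command string.",
    "metadata": {
        "owasp": ["A1:2017-Injection", "A03:2021-Injection"],
        "category": "security",
        "cwe": "CWE-78",
        "shortDescription": "Use of system() with a shell command",
        "security-severity": "CRITICAL",
    },
}
RULE_AFTER = {**RULE_BEFORE,
              "metadata": {**RULE_BEFORE["metadata"], "security-severity": "High"}}

# Constructed sample test file for the rule above (annotation precedes the line).
TEST_SOURCE = """\
char cmd[256];
// ruleid: rule-system
system(cmd);
// ok: rule-system
execve(path, argv, envp);
"""

if __name__ == "__main__":
    print("before:", lint_metadata(RULE_BEFORE))
    print("after:", lint_metadata(RULE_AFTER))
    print("tests:", lint_test_annotations("rule-system", TEST_SOURCE))
```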
