CWE-020: Lower security-severity for OverlyLargeRange queries to 4.0

Napalys · Napalys · commit fa4717401381 · 2025-10-22T11:32:33.000Z
diff --git a/java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql b/java/ql/src/Security/CWE/CWE-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
  *              This may allow an attacker to bypass a filter or sanitizer.
  * @kind problem
  * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
  * @precision high
  * @id java/overly-large-range
  * @tags correctness
diff --git a/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql b/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
  *              This may allow an attacker to bypass a filter or sanitizer.
  * @kind problem
  * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
  * @precision high
  * @id js/overly-large-range
  * @tags correctness
diff --git a/python/ql/src/Security/CWE-020/OverlyLargeRange.ql b/python/ql/src/Security/CWE-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
  *              This may allow an attacker to bypass a filter or sanitizer.
  * @kind problem
  * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
  * @precision high
  * @id py/overly-large-range
  * @tags correctness
diff --git a/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql b/ruby/ql/src/queries/security/cwe-020/OverlyLargeRange.ql
@@ -4,7 +4,7 @@
  *              This may allow an attacker to bypass a filter or sanitizer.
  * @kind problem
  * @problem.severity warning
- * @security-severity 5.0
+ * @security-severity 4.0
  * @precision high
  * @id rb/overly-large-range
  * @tags correctness
