Python security queries. Choose a precision reflecting actual precision for Security queries.

Author: markshannon

python/ql/src/Security/CWE-022/PathInjection.ql

@@ -4,7 +4,7 @@
  * @kind problem
  * @problem.severity error
  * @sub-severity high
- * @precision medium
+ * @precision high
  * @id py/path-injection
  * @tags correctness
  *       security

python/ql/src/Security/CWE-078/CommandInjection.ql

@@ -5,7 +5,7 @@
  * @kind problem
  * @problem.severity error
  * @sub-severity high
- * @precision medium
+ * @precision high
  * @id py/command-line-injection
  * @tags correctness
  *       security

python/ql/src/Security/CWE-079/ReflectedXss.ql

@@ -5,7 +5,7 @@
  * @kind problem
  * @problem.severity error
  * @sub-severity high
- * @precision medium
+ * @precision high
  * @id py/reflective-xss
  * @tags security
  *       external/cwe/cwe-079

python/ql/src/Security/CWE-089/SqlInjection.ql

@@ -4,7 +4,7 @@
  *              malicious SQL code by the user.
  * @kind problem
  * @problem.severity error
- * @precision medium
+ * @precision high
  * @id py/sql-injection
  * @tags security
  *       external/cwe/cwe-089

python/ql/src/Security/CWE-094/CodeInjection.ql

@@ -5,7 +5,7 @@
  * @kind problem
  * @problem.severity error
  * @sub-severity high
- * @precision medium
+ * @precision high
  * @id py/code-injection
  * @tags security
  *       external/owasp/owasp-a1

python/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql

@@ -3,7 +3,7 @@
  * @description Using broken or weak cryptographic algorithms can compromise security.
  * @kind problem
  * @problem.severity warning
- * @precision medium
+ * @precision high
  * @id py/weak-cryptographic-algorithm
  * @tags security
  *       external/cwe/cwe-327

python/ql/src/Security/CWE-502/UnsafeDeserialization.ql

@@ -5,7 +5,7 @@
  * @id py/unsafe-deserialization
  * @problem.severity error
  * @sub-severity high
- * @precision medium
+ * @precision high
  * @tags external/cwe/cwe-502
  *       security
  *       serialization