feat: add severity where missing

Bearer · Feb 21, 2024 · eb0d813 · eb0d813
1 parent de2d063
commit eb0d813
Show file tree

Hide file tree

Showing 202 changed files with 204 additions and 2 deletions.
diff --git a/rules/go/gorilla/cookie_missing_http_only.yml b/rules/go/gorilla/cookie_missing_http_only.yml
@@ -93,3 +93,4 @@ metadata:
   id: go_gorilla_cookie_missing_http_only
   documentation_url: https://docs.bearer.com/reference/rules/go_gorilla_cookie_missing_http_only
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/go/gorilla/insecure_cookie.yml b/rules/go/gorilla/insecure_cookie.yml
@@ -72,3 +72,4 @@ metadata:
   id: go_gorilla_insecure_cookie
   documentation_url: https://docs.bearer.com/reference/rules/go_gorilla_insecure_cookie
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/go/lang/cookie_missing_http_only.yml b/rules/go/lang/cookie_missing_http_only.yml
@@ -70,3 +70,4 @@ metadata:
     - 1004
   id: go_lang_cookie_missing_http_only
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_cookie_missing_http_only
+severity: low
diff --git a/rules/go/lang/deserialization_of_user_input.yml b/rules/go/lang/deserialization_of_user_input.yml
@@ -59,3 +59,4 @@ metadata:
     - 502
   id: go_lang_deserialization_of_user_input
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_deserialization_of_user_input
+severity: low
diff --git a/rules/go/lang/html_tag_injection.yml b/rules/go/lang/html_tag_injection.yml
@@ -94,3 +94,4 @@ metadata:
     - 80
   id: go_lang_html_tag_injection
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_missing_script_tag_sanitization
+severity: low
diff --git a/rules/go/lang/insecure_cookie.yml b/rules/go/lang/insecure_cookie.yml
@@ -70,3 +70,4 @@ metadata:
     - 614
   id: go_lang_insecure_cookie
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_insecure_cookie
+severity: low
diff --git a/rules/go/lang/insufficiently_random_values.yml b/rules/go/lang/insufficiently_random_values.yml
@@ -54,3 +54,4 @@ metadata:
     - 330
   id: go_lang_insufficiently_random_values
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_insufficiently_random_values
+severity: low
diff --git a/rules/go/lang/log_output_neutralization.yml b/rules/go/lang/log_output_neutralization.yml
@@ -149,3 +149,4 @@ metadata:
     - 117
   id: go_lang_log_output_neutralization
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_log_output_neutralization
+severity: low
diff --git a/rules/go/lang/logger.yml b/rules/go/lang/logger.yml
@@ -46,3 +46,4 @@ metadata:
   id: go_lang_logger
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_logger
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/go/lang/open_redirect.yml b/rules/go/lang/open_redirect.yml
@@ -66,3 +66,4 @@ metadata:
     - 601
   id: go_lang_open_redirect
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_open_redirect
+severity: low
diff --git a/rules/go/lang/weak_hash_md5.yml b/rules/go/lang/weak_hash_md5.yml
@@ -59,3 +59,4 @@ metadata:
   id: go_lang_weak_hash_md5
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_weak_hash_md5
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/go/lang/weak_hash_sha1.yml b/rules/go/lang/weak_hash_sha1.yml
@@ -59,3 +59,4 @@ metadata:
   id: go_lang_weak_hash_sha1
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_weak_hash_sha1
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/go/lang/weak_password_encryption_md5.yml b/rules/go/lang/weak_password_encryption_md5.yml
@@ -48,3 +48,4 @@ metadata:
   id: go_lang_weak_password_encryption_md5
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_weak_password_encryption_md5
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/go/lang/weak_password_encryption_sha1.yml b/rules/go/lang/weak_password_encryption_sha1.yml
@@ -48,3 +48,4 @@ metadata:
   id: go_lang_weak_password_encryption_sha1
   documentation_url: https://docs.bearer.com/reference/rules/go_lang_weak_password_encryption_sha1
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/android/world_readable_writable_mode.yml b/rules/java/android/world_readable_writable_mode.yml
@@ -29,3 +29,4 @@ metadata:
     - 276
   id: java_android_world_readable_writable_mode
   documentation_url: https://docs.bearer.com/reference/rules/java_android_world_readable_writable_mode
+severity: low
diff --git a/rules/java/lang/apache_commons_collection.yml b/rules/java/lang/apache_commons_collection.yml
@@ -29,3 +29,4 @@ metadata:
     - 1395
   id: java_lang_apache_commons_collection
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_apache_commons_collection
+severity: low
diff --git a/rules/java/lang/code_injection.yml b/rules/java/lang/code_injection.yml
@@ -49,3 +49,4 @@ metadata:
     - 94
   id: java_lang_code_injection
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_code_injection
+severity: low
diff --git a/rules/java/lang/cookie_leak.yml b/rules/java/lang/cookie_leak.yml
@@ -28,3 +28,4 @@ metadata:
     - 315
   id: java_lang_cookie_leak
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_cookie_leak
+severity: high
diff --git a/rules/java/lang/cookie_missing_http_only.yml b/rules/java/lang/cookie_missing_http_only.yml
@@ -50,3 +50,4 @@ metadata:
   id: java_lang_cookie_missing_http_only
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_cookie_missing_http_only
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/cookie_missing_secure.yml b/rules/java/lang/cookie_missing_secure.yml
@@ -48,3 +48,4 @@ metadata:
   id: java_lang_cookie_missing_secure
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_cookie_missing_secure
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/cookie_with_http_only_false.yml b/rules/java/lang/cookie_with_http_only_false.yml
@@ -37,3 +37,4 @@ metadata:
   id: java_lang_cookie_with_http_only_false
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_cookie_with_http_only_false
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/crlf_injection.yml b/rules/java/lang/crlf_injection.yml
@@ -95,3 +95,4 @@ metadata:
     - 93
   id: java_lang_crlf_injection
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_crlf_injection
+severity: low
diff --git a/rules/java/lang/deserialization_of_user_input.yml b/rules/java/lang/deserialization_of_user_input.yml
@@ -92,3 +92,4 @@ metadata:
     - 502
   id: java_lang_deserialization_of_user_input
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_deserialization_of_user_input
+severity: low
diff --git a/rules/java/lang/eval_using_user_input.yml b/rules/java/lang/eval_using_user_input.yml
@@ -37,3 +37,4 @@ metadata:
     - 95
   id: java_lang_eval_using_user_input
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_eval_using_user_input
+severity: low
diff --git a/rules/java/lang/exception.yml b/rules/java/lang/exception.yml
@@ -36,3 +36,4 @@ metadata:
   id: java_lang_exception
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_exception
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/file_upload_filename.yml b/rules/java/lang/file_upload_filename.yml
@@ -68,3 +68,4 @@ metadata:
     - 73
   id: java_lang_file_upload_filename
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_file_upload_filename
+severity: low
diff --git a/rules/java/lang/format_string_manipulation.yml b/rules/java/lang/format_string_manipulation.yml
@@ -126,3 +126,4 @@ metadata:
     - 134
   id: java_lang_format_string_manipulation
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_format_string_manipulation
+severity: low
diff --git a/rules/java/lang/http_parameter_pollution.yml b/rules/java/lang/http_parameter_pollution.yml
@@ -84,3 +84,4 @@ metadata:
     - 88
   id: java_lang_http_parameter_pollution
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_http_parameter_pollution
+severity: low
diff --git a/rules/java/lang/http_url_using_user_input.yml b/rules/java/lang/http_url_using_user_input.yml
@@ -84,3 +84,4 @@ metadata:
     - 918
   id: java_lang_http_url_using_user_input
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_http_url_using_user_input
+severity: low
diff --git a/rules/java/lang/insecure_allow_origin.yml b/rules/java/lang/insecure_allow_origin.yml
@@ -47,3 +47,4 @@ metadata:
     - 346
   id: java_lang_insecure_allow_origin
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_insecure_allow_origin
+severity: low
diff --git a/rules/java/lang/insecure_cookie.yml b/rules/java/lang/insecure_cookie.yml
@@ -37,3 +37,4 @@ metadata:
   id: java_lang_insecure_cookie
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_insecure_cookie
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/insufficiently_random_values.yml b/rules/java/lang/insufficiently_random_values.yml
@@ -43,3 +43,4 @@ metadata:
     - 330
   id: java_lang_insufficiently_random_values
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_insufficiently_random_values
+severity: low
diff --git a/rules/java/lang/ldap_injection.yml b/rules/java/lang/ldap_injection.yml
@@ -107,3 +107,4 @@ metadata:
     - 90
   id: java_lang_ldap_injection
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_ldap_injection
+severity: low
diff --git a/rules/java/lang/log_injection.yml b/rules/java/lang/log_injection.yml
@@ -42,3 +42,4 @@ metadata:
 
   id: "java_lang_log_injection"
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_logger
+severity: low
diff --git a/rules/java/lang/logger.yml b/rules/java/lang/logger.yml
@@ -45,3 +45,4 @@ metadata:
   id: "java_lang_logger"
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_logger
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/missing_integrity_check.yml b/rules/java/lang/missing_integrity_check.yml
@@ -35,3 +35,4 @@ metadata:
   id: java_lang_missing_integrity_check
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_missing_integrity_check
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/missing_smtp_ssl_host_check.yml b/rules/java/lang/missing_smtp_ssl_host_check.yml
@@ -57,3 +57,4 @@ metadata:
   id: java_lang_missing_smtp_ssl_host_check
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_missing_smtp_ssl_host_check
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/padding_oracle_encryption_vulnerability.yml b/rules/java/lang/padding_oracle_encryption_vulnerability.yml
@@ -38,3 +38,4 @@ metadata:
     - 327
   id: java_lang_padding_oracle_encryption_vulnerability
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_padding_oracle_encryption_vulnerability
+severity: low
diff --git a/rules/java/lang/path_traversal.yml b/rules/java/lang/path_traversal.yml
@@ -47,3 +47,4 @@ metadata:
     - 73
   id: java_lang_path_traversal
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_path_traversal
+severity: low
diff --git a/rules/java/lang/path_using_user_input.yml b/rules/java/lang/path_using_user_input.yml
@@ -87,3 +87,4 @@ metadata:
     - 73
   id: java_lang_path_using_user_input
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_path_using_user_input
+severity: low
diff --git a/rules/java/lang/permissive_allow_origin.yml b/rules/java/lang/permissive_allow_origin.yml
@@ -41,3 +41,4 @@ metadata:
     - 942
   id: java_lang_permissive_allow_origin
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_permissive_allow_origin
+severity: low
diff --git a/rules/java/lang/permissive_cookie_config.yml b/rules/java/lang/permissive_cookie_config.yml
@@ -42,3 +42,4 @@ metadata:
     - 693
   id: java_lang_permissive_cookie_config
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_permissive_cookie_config
+severity: low
diff --git a/rules/java/lang/reflection_using_user_input.yml b/rules/java/lang/reflection_using_user_input.yml
@@ -44,3 +44,4 @@ metadata:
     - 470
   id: java_lang_reflection_using_user_input
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_reflection_using_user_input
+severity: low
diff --git a/rules/java/lang/regex_using_user_input.yml b/rules/java/lang/regex_using_user_input.yml
@@ -30,3 +30,4 @@ metadata:
     - 1287
   id: java_lang_regex_using_user_input
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_regex_using_user_input
+severity: low
diff --git a/rules/java/lang/rsa_no_padding.yml b/rules/java/lang/rsa_no_padding.yml
@@ -29,3 +29,4 @@ metadata:
   id: "java_lang_rsa_no_padding"
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_rsa_no_padding
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/sqli.yml b/rules/java/lang/sqli.yml
@@ -125,3 +125,4 @@ metadata:
     - 89
   id: "java_lang_sqli"
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_sqli
+severity: low
diff --git a/rules/java/lang/weak_encryption_des.yml b/rules/java/lang/weak_encryption_des.yml
@@ -55,3 +55,4 @@ metadata:
   id: java_lang_weak_encryption_des
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_encryption_des
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_encryption_ecb_mode.yml b/rules/java/lang/weak_encryption_ecb_mode.yml
@@ -36,3 +36,4 @@ metadata:
   id: java_lang_weak_encryption_ecb_mode
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_encryption_ecb_mode
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/weak_hash_md5.yml b/rules/java/lang/weak_hash_md5.yml
@@ -52,3 +52,4 @@ metadata:
   id: java_lang_weak_hash_md5
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_hash_md5
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_hash_sha1.yml b/rules/java/lang/weak_hash_sha1.yml
@@ -52,3 +52,4 @@ metadata:
   id: java_lang_weak_hash_sha1
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_hash_sha1
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_password_encryption_des.yml b/rules/java/lang/weak_password_encryption_des.yml
@@ -46,3 +46,4 @@ metadata:
   id: java_lang_weak_password_encryption_des
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_password_encryption_des
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_password_hash_md5.yml b/rules/java/lang/weak_password_hash_md5.yml
@@ -45,3 +45,4 @@ metadata:
   id: java_lang_weak_password_hash_md5
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_password_hash_md5
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_password_hash_sha1.yml b/rules/java/lang/weak_password_hash_sha1.yml
@@ -45,3 +45,4 @@ metadata:
   id: java_lang_weak_password_hash_sha1
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_password_hash_sha1
   cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/xpath_injection.yml b/rules/java/lang/xpath_injection.yml
@@ -68,3 +68,4 @@ metadata:
     - 643
   id: "java_lang_xpath_injection"
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_xpath_injection
+severity: low
diff --git a/rules/java/lang/xss_response_writer.yml b/rules/java/lang/xss_response_writer.yml
@@ -83,3 +83,4 @@ metadata:
     - 79
   id: "java_lang_xss_response_writer"
   documentation_url: https://docs.bearer.com/reference/rules/java_lang_xss_response_writer
+severity: low
diff --git a/rules/java/spring/sqli.yml b/rules/java/spring/sqli.yml
@@ -111,3 +111,4 @@ metadata:
     - 89
   id: "java_spring_sqli"
   documentation_url: https://docs.bearer.com/reference/rules/java_spring_sqli
+severity: low
diff --git a/rules/java/third_parties/airbrake_javabrake.yml b/rules/java/third_parties/airbrake_javabrake.yml
@@ -47,3 +47,4 @@ metadata:
   associated_recipe: Airbrake
   id: java_third_parties_airbrake_javabrake
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_airbrake_javabrake
+severity: high
diff --git a/rules/java/third_parties/algolia.yml b/rules/java/third_parties/algolia.yml
@@ -80,3 +80,4 @@ metadata:
   associated_recipe: Algolia
   id: java_third_parties_algolia
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_algolia
+severity: high
diff --git a/rules/java/third_parties/aws_query_injection.yml b/rules/java/third_parties/aws_query_injection.yml
@@ -73,3 +73,4 @@ metadata:
     - 943
   id: java_third_parties_aws_query_injection
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_aws_query_injection
+severity: low
diff --git a/rules/java/third_parties/bugsnag.yml b/rules/java/third_parties/bugsnag.yml
@@ -79,3 +79,4 @@ metadata:
   associated_recipe: Bugsnag
   id: java_third_parties_bugsnag
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_bugsnag
+severity: high
diff --git a/rules/java/third_parties/clickhouse.yml b/rules/java/third_parties/clickhouse.yml
@@ -89,7 +89,6 @@ auxiliary:
         filters:
           - variable: FACTORY
             regex: \A(com\.clickhouse\.data\.)?ClickHouseDataStreamFactory\z
-
 languages:
   - java
 skip_data_types:
@@ -113,3 +112,4 @@ metadata:
   associated_recipe: ClickHouse
   id: java_third_parties_clickhouse
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_clickhouse
+severity: high
diff --git a/rules/java/third_parties/datadog.yml b/rules/java/third_parties/datadog.yml
@@ -59,3 +59,4 @@ metadata:
   associated_recipe: Datadog
   id: java_third_parties_datadog
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_datadog
+severity: high
diff --git a/rules/java/third_parties/new_relic.yml b/rules/java/third_parties/new_relic.yml
@@ -42,3 +42,4 @@ metadata:
   associated_recipe: New Relic
   id: java_third_parties_new_relic
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_new_relic
+severity: high
diff --git a/rules/java/third_parties/open_telemetry.yml b/rules/java/third_parties/open_telemetry.yml
@@ -40,3 +40,4 @@ metadata:
     - 201
   id: java_third_parties_open_telemetry
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_open_telemetry
+severity: high
diff --git a/rules/java/third_parties/rollbar.yml b/rules/java/third_parties/rollbar.yml
@@ -49,3 +49,4 @@ metadata:
   associated_recipe: Rollbar
   id: java_third_parties_rollbar
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_rollbar
+severity: high
diff --git a/rules/java/third_parties/sentry.yml b/rules/java/third_parties/sentry.yml
@@ -84,3 +84,4 @@ metadata:
   associated_recipe: Sentry
   id: java_third_parties_sentry
   documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_sentry
+severity: high
diff --git a/rules/javascript/express/cookie_missing_http_only.yml b/rules/javascript/express/cookie_missing_http_only.yml
@@ -46,3 +46,4 @@ metadata:
   id: javascript_express_cookie_missing_http_only
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_cookie_missing_http_only
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/exposed_dir_listing.yml b/rules/javascript/express/exposed_dir_listing.yml
@@ -19,3 +19,4 @@ metadata:
   id: "javascript_express_exposed_dir_listing"
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_exposed_dir_listing
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/external_file_upload.yml b/rules/javascript/express/external_file_upload.yml
@@ -53,3 +53,4 @@ metadata:
     - 73
   id: "javascript_express_external_file_upload"
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_external_file_upload
+severity: low
diff --git a/rules/javascript/express/external_resource.yml b/rules/javascript/express/external_resource.yml
@@ -33,3 +33,4 @@ metadata:
   id: "javascript_express_external_resource"
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_external_resource
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/helmet_missing.yml b/rules/javascript/express/helmet_missing.yml
@@ -110,3 +110,4 @@ metadata:
     - 693
   id: javascript_express_helmet_missing
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_helmet_missing
+severity: low
diff --git a/rules/javascript/express/https_protocol_missing.yml b/rules/javascript/express/https_protocol_missing.yml
@@ -35,3 +35,4 @@ metadata:
   id: javascript_express_https_protocol_missing
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_https_protocol_missing
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/insecure_allow_origin.yml b/rules/javascript/express/insecure_allow_origin.yml
@@ -51,3 +51,4 @@ metadata:
   id: javascript_express_insecure_allow_origin
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_allow_origin
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/insecure_cookie.yml b/rules/javascript/express/insecure_cookie.yml
@@ -42,3 +42,4 @@ metadata:
   id: javascript_express_insecure_cookie
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_cookie
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/reduce_fingerprint.yml b/rules/javascript/express/reduce_fingerprint.yml
@@ -44,3 +44,4 @@ metadata:
   id: javascript_express_reduce_fingerprint
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_reduce_fingerprint
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/static_asset_with_session.yml b/rules/javascript/express/static_asset_with_session.yml
@@ -54,3 +54,4 @@ metadata:
     - 352
   id: javascript_express_static_asset_with_session
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_static_asset_with_session
+severity: low
diff --git a/rules/javascript/express/ui_redress.yml b/rules/javascript/express/ui_redress.yml
@@ -46,3 +46,4 @@ metadata:
   id: "javascript_express_ui_redress"
   documentation_url: https://docs.bearer.com/reference/rules/javascript_express_ui_redress
   cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/lang/exception.yml b/rules/javascript/lang/exception.yml
@@ -62,3 +62,4 @@ metadata:
   id: javascript_lang_exception
   documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_exception
   cloud_code_suggestions: true
+severity: high
Original file line number	Diff line number	Diff line change
Expand Up		@@ -42,3 +42,4 @@ metadata:

		id: "java_lang_log_injection"
		documentation_url: https://docs.bearer.com/reference/rules/java_lang_logger
		severity: low