Any change with respect to whitespace is ignored. "Minor" changes are text changes that only affect capitalization and punctuation. Most other changes are marked as "Major." Simple schema changes are treated as Minor, such as the change from AffectedResource to Affected_Resource in Draft 8, or the relationship name change from "IsRequiredBy" to "RequiredBy" in Version 1.0. For each mutual relationship between nodes A and B (such as ParentOf and ChildOf), a relationship change is noted for both A and B.

The "Version 3.0 Total" lists the total number of relationships in Version 3.0. The "Shared" value is the total number of relationships in entries that were in both Version 3.0 and Version 2.12. The "New" value is the total number of relationships involving entries that did not exist in Version 2.12. Thus, the total number of relationships in Version 3.0 would combine stats from Shared entries and New entries.

A node change is labeled "important" if it is a major field change and the field is critical to the meaning of the node. The critical fields are description, name, and relationships.
ID | Name | Major Changes | Minor Changes
11 | ASP.NET Misconfiguration: Creating Debug Binary | Applicable_Platforms, Background_Details | None
12 | ASP.NET Misconfiguration: Missing Custom Error Page | Applicable_Platforms, Background_Details | None
14 | Compiler Removal of Code to Clear Buffers | None | References
15 | External Control of System or Configuration Setting | Modes_of_Introduction | None
20 | Improper Input Validation | Detection_Factors, Modes_of_Introduction, Potential_Mitigations | References
22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | Detection_Factors | Potential_Mitigations, References
23 | Relative Path Traversal | None | References
31 | Path Traversal: 'dir\..\..\filename' | None | References
34 | Path Traversal: '....//' | None | Detection_Factors
36 | Absolute Path Traversal | None | References
40 | Path Traversal: '\\UNC\share\name\' (Windows UNC Share) | None | References
41 | Improper Resolution of Path Equivalence | Detection_Factors | None
58 | Path Equivalence: Windows 8.3 Filename | None | References
59 | Improper Link Resolution Before File Access ('Link Following') | Detection_Factors | Applicable_Platforms, References
61 | UNIX Symbolic Link (Symlink) Following | None | References
62 | UNIX Hard Link | None | Applicable_Platforms, References
65 | Windows Hard Link | None | References
66 | Improper Handling of File Names that Identify Virtual Resources | Detection_Factors | None
67 | Improper Handling of Windows Device Names | None | References
69 | Improper Handling of Windows ::DATA Alternate Data Stream | None | References
72 | Improper Handling of Apple HFS+ Alternate Data Stream Path | None | Applicable_Platforms
73 | External Control of File Name or Path | None | Applicable_Platforms, References
77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') | None | References
78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | Potential_Mitigations | Detection_Factors, References
79 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Applicable_Platforms, Background_Details, Description, References | Detection_Factors, Potential_Mitigations
81 | Improper Neutralization of Script in an Error Message Web Page | None | References
88 | Argument Injection or Modification | None | References
89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | Modes_of_Introduction, References | Detection_Factors, Potential_Mitigations
91 | XML Injection (aka Blind XPath Injection) | None | References
94 | Improper Control of Generation of Code ('Code Injection') | Applicable_Platforms, Potential_Mitigations | References
95 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') | Applicable_Platforms, Modes_of_Introduction | References
98 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | None | Potential_Mitigations, References
106 | Struts: Plug-in Framework not in Use | Potential_Mitigations | None
109 | Struts: Validator Turned Off | Other_Notes | None
113 | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') | Demonstrative_Examples | References
116 | Improper Encoding or Escaping of Output | None | Potential_Mitigations, References
119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Detection_Factors | Potential_Mitigations, References
120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') | Detection_Factors | Potential_Mitigations, References
121 | Stack-based Buffer Overflow | None | References
122 | Heap-based Buffer Overflow | None | References
123 | Write-what-where Condition | None | References
124 | Buffer Underwrite ('Buffer Underflow') | Observed_Examples | References
125 | Out-of-bounds Read | None | References
128 | Wrap-around Error | None | References
129 | Improper Validation of Array Index | Potential_Mitigations | References
131 | Incorrect Calculation of Buffer Size | Detection_Factors, Potential_Mitigations | References
134 | Use of Externally-Controlled Format String | Detection_Factors, Modes_of_Introduction | Potential_Mitigations, References
135 | Incorrect Calculation of Multi-Byte String Length | None | References
141 | Improper Neutralization of Parameter/Argument Delimiters | None | References
142 | Improper Neutralization of Value Delimiters | None | References
143 | Improper Neutralization of Record Delimiters | None | References
144 | Improper Neutralization of Line Delimiters | None | References
145 | Improper Neutralization of Section Delimiters | None | References
146 | Improper Neutralization of Expression/Command Delimiters | None | References
158 | Improper Neutralization of Null Byte or NUL Character | None | References
171 | Cleansing, Canonicalization, and Comparison Errors | None | References
176 | Improper Handling of Unicode Encoding | None | References
179 | Incorrect Behavior Order: Early Validation | None | References
182 | Collapse of Data into Unsafe Value | None | References
183 | Permissive Whitelist | None | References
184 | Incomplete Blacklist | Observed_Examples | References
185 | Incorrect Regular Expression | None | References
188 | Reliance on Data/Memory Layout | None | References
190 | Integer Overflow or Wraparound | References | Detection_Factors, Potential_Mitigations
191 | Integer Underflow (Wrap or Wraparound) | Applicable_Platforms | References
192 | Integer Coercion Error | Applicable_Platforms | References
193 | Off-by-one Error | None | References
195 | Signed to Unsigned Conversion Error | None | References
196 | Unsigned to Signed Conversion Error | None | References
197 | Numeric Truncation Error | Applicable_Platforms | References
200 | Information Exposure | Applicable_Platforms | Detection_Factors, References
204 | Response Discrepancy Information Exposure | None | References
209 | Information Exposure Through an Error Message | Potential_Mitigations | References
210 | Information Exposure Through Self-generated Error Message | Potential_Mitigations | References
211 | Information Exposure Through Externally-Generated Error Message | Modes_of_Introduction, Potential_Mitigations | None
219 | Sensitive Data Under Web Root | Modes_of_Introduction | None
223 | Omission of Security-relevant Information | None | References
224 | Obscured Security-relevant Information by Alternate Name | None | References
242 | Use of Inherently Dangerous Function | None | References
243 | Creation of chroot Jail Without Changing Working Directory | None | Applicable_Platforms
248 | Uncaught Exception | Applicable_Platforms | None
250 | Execution with Unnecessary Privileges | Applicable_Platforms, Detection_Factors, Modes_of_Introduction, Potential_Mitigations, References, Time_of_Introduction | None
252 | Unchecked Return Value | None | References
253 | Incorrect Check of Function Return Value | None | References
256 | Plaintext Storage of a Password | Modes_of_Introduction | References
258 | Empty Password in Configuration File | None | References
259 | Use of Hard-coded Password | None | References
260 | Password in Configuration File | None | References
261 | Weak Cryptography for Passwords | None | References
262 | Not Using Password Aging | None | References
263 | Password Aging with Long Expiration | None | References
264 | Permissions, Privileges, and Access Controls | None | References
266 | Incorrect Privilege Assignment | None | Potential_Mitigations, References
267 | Privilege Defined With Unsafe Actions | None | Potential_Mitigations, References
268 | Privilege Chaining | None | Potential_Mitigations, References
269 | Improper Privilege Management | None | References
270 | Privilege Context Switching Error | None | Potential_Mitigations, References
271 | Privilege Dropping / Lowering Errors | None | References
272 | Least Privilege Violation | None | Detection_Factors
273 | Improper Check for Dropped Privileges | Modes_of_Introduction | None
275 | Permission Issues | None | References
276 | Incorrect Default Permissions | Detection_Factors | References
279 | Incorrect Execution-Assigned Permissions | Time_of_Introduction | None
284 | Improper Access Control | None | References
285 | Improper Authorization | Detection_Factors, Modes_of_Introduction, Time_of_Introduction | Potential_Mitigations, References
287 | Improper Authentication | Demonstrative_Examples, Detection_Factors, References | None
290 | Authentication Bypass by Spoofing | None | References
293 | Using Referer Field for Authentication | None | References
295 | Improper Certificate Validation | Applicable_Platforms, Detection_Factors | None
296 | Improper Following of a Certificate's Chain of Trust | None | References
297 | Improper Validation of Certificate with Host Mismatch | Applicable_Platforms | References
298 | Improper Validation of Certificate Expiration | None | References
299 | Improper Check for Certificate Revocation | None | References
301 | Reflection Attack in an Authentication Protocol | None | References
306 | Missing Authentication for Critical Function | Detection_Factors | Potential_Mitigations, References
307 | Improper Restriction of Excessive Authentication Attempts | Demonstrative_Examples, References | Detection_Factors, Potential_Mitigations
310 | Cryptographic Issues | None | References
311 | Missing Encryption of Sensitive Data | Detection_Factors | Potential_Mitigations, References
312 | Cleartext Storage of Sensitive Information | Applicable_Platforms | References
319 | Cleartext Transmission of Sensitive Information | Applicable_Platforms | References
322 | Key Exchange without Entity Authentication | None | References
324 | Use of a Key Past its Expiration Date | None | References
325 | Missing Required Cryptographic Step | Observed_Examples, Time_of_Introduction | None
326 | Inadequate Encryption Strength | None | References
327 | Use of a Broken or Risky Cryptographic Algorithm | Detection_Factors, References | Potential_Mitigations
328 | Reversible One-Way Hash | None | Potential_Mitigations, References
329 | Not Using a Random IV with CBC Mode | None | References
330 | Use of Insufficiently Random Values | Detection_Factors, References | Potential_Mitigations
331 | Insufficient Entropy | None | References
332 | Insufficient Entropy in PRNG | None | Potential_Mitigations, References
334 | Small Space of Random Values | None | Potential_Mitigations, References
335 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) | None | References
336 | Same Seed in Pseudo-Random Number Generator (PRNG) | None | Potential_Mitigations, References
337 | Predictable Seed in Pseudo-Random Number Generator (PRNG) | None | Potential_Mitigations, References
338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) | None | References
339 | Small Seed Space in PRNG | None | Potential_Mitigations, References
340 | Predictability Problems | None | References
341 | Predictable from Observable State | None | Potential_Mitigations, References
342 | Predictable Exact Value from Previous Values | None | Potential_Mitigations, References
343 | Predictable Value Range from Previous Values | None | Potential_Mitigations, References
344 | Use of Invariant Value in Dynamically Changing Context | None | References
345 | Insufficient Verification of Data Authenticity | None | References
346 | Origin Validation Error | None | Demonstrative_Examples
350 | Reliance on Reverse DNS Resolution for a Security-Critical Action | None | References
352 | Cross-Site Request Forgery (CSRF) | Detection_Factors | Potential_Mitigations, References
353 | Missing Support for Integrity Check | None | References
359 | Exposure of Private Information ('Privacy Violation') | Applicable_Platforms, References | Demonstrative_Examples, Description
362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | Demonstrative_Examples, References | Detection_Factors, Potential_Mitigations
363 | Race Condition Enabling Link Following | None | References
364 | Signal Handler Race Condition | None | Demonstrative_Examples, References
365 | Race Condition in Switch | Applicable_Platforms | References
366 | Race Condition within a Thread | Applicable_Platforms | References
367 | Time-of-check Time-of-use (TOCTOU) Race Condition | None | References
368 | Context Switching Race Condition | None | References
369 | Divide By Zero | Demonstrative_Examples, References | None
370 | Missing Check for Certificate Revocation after Initial Check | None | References
374 | Passing Mutable Objects to an Untrusted Method | Applicable_Platforms | Demonstrative_Examples
375 | Returning a Mutable Object to an Untrusted Caller | Applicable_Platforms | None
377 | Insecure Temporary File | References | None
379 | Creation of Temporary File in Directory with Incorrect Permissions | None | References
384 | Session Fixation | Modes_of_Introduction | None
388 | 7PK - Errors | References | None
389 | Error Conditions, Return Values, Status Codes | None | References
390 | Detection of Error Condition Without Action | None | References
395 | Use of NullPointerException Catch to Detect NULL Pointer Dereference | None | Detection_Factors
396 | Declaration of Catch for Generic Exception | Applicable_Platforms | References
397 | Declaration of Throws for Generic Exception | Applicable_Platforms | None
398 | 7PK - Code Quality | References | None
400 | Uncontrolled Resource Consumption ('Resource Exhaustion') | References | None
401 | Improper Release of Memory Before Removing Last Reference ('Memory Leak') | None | Potential_Mitigations, References
403 | Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') | None | Applicable_Platforms
404 | Improper Resource Shutdown or Release | None | References
410 | Insufficient Resource Pool | None | References
415 | Double Free | None | References
416 | Use After Free | None | References
421 | Race Condition During Access to Alternate Channel | References | None
422 | Unprotected Windows Messaging Channel ('Shatter') | References | None
426 | Untrusted Search Path | Modes_of_Introduction, References | Applicable_Platforms
427 | Uncontrolled Search Path Element | None | Applicable_Platforms
428 | Unquoted Search Path or Element | Applicable_Platforms | References
430 | Deployment of Wrong Handler | None | References
431 | Missing Handler | None | References
433 | Unparsed Raw Web Content Delivery | None | References
434 | Unrestricted Upload of File with Dangerous Type | Applicable_Platforms, Observed_Examples | Detection_Factors, Potential_Mitigations, References
436 | Interpretation Conflict | References | Demonstrative_Examples
444 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') | None | Potential_Mitigations
456 | Missing Initialization of a Variable | None | References
457 | Use of Uninitialized Variable | References | None
460 | Improper Cleanup on Thrown Exception | Applicable_Platforms | None
462 | Duplicate Key in Associative List (Alist) | Applicable_Platforms | None
463 | Deletion of Data Structure Sentinel | None | References
466 | Return of Pointer Value Outside of Expected Range | None | References
468 | Incorrect Pointer Scaling | None | References
470 | Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') | Applicable_Platforms | None
472 | External Control of Assumed-Immutable Web Parameter | None | References
476 | NULL Pointer Dereference | Applicable_Platforms | None
477 | Use of Obsolete Function | Detection_Factors | None
478 | Missing Default Case in Switch Statement | Applicable_Platforms | References
479 | Signal Handler Use of a Non-reentrant Function | Demonstrative_Examples | References
480 | Use of Incorrect Operator | None | References
481 | Assigning instead of Comparing | Applicable_Platforms | References
482 | Comparing instead of Assigning | None | References
484 | Omitted Break Statement in Switch | Applicable_Platforms | References
494 | Download of Code Without Integrity Check | None | Potential_Mitigations, References
495 | Private Array-Typed Field Returned From A Public Method | Applicable_Platforms | None
496 | Public Data Assigned to Private Array-Typed Field | Applicable_Platforms | None
498 | Cloneable Class Containing Sensitive Information | Applicable_Platforms | None
502 | Deserialization of Untrusted Data | None | Applicable_Platforms
506 | Embedded Malicious Code | Detection_Factors | None
507 | Trojan Horse | None | References
510 | Trapdoor | Detection_Factors | None
511 | Logic/Time Bomb | Applicable_Platforms | References
521 | Weak Password Requirements | None | References
522 | Insufficiently Protected Credentials | None | References
538 | File and Directory Information Exposure | Modes_of_Introduction | References
549 | Missing Password Field Masking | None | References
552 | Files or Directories Accessible to External Parties | Modes_of_Introduction | None
554 | ASP.NET Misconfiguration: Not Using Input Validation Framework | Applicable_Platforms | None
560 | Use of umask() with chmod-style Argument | Other_Notes | None
561 | Dead Code | None | Detection_Factors
597 | Use of Wrong Operator in String Comparison | None | References
601 | URL Redirection to Untrusted Site ('Open Redirect') | Applicable_Platforms, Observed_Examples, References | Detection_Factors, Potential_Mitigations
602 | Client-Side Enforcement of Server-Side Security | Applicable_Platforms, Observed_Examples | References
603 | Use of Client-Side Authentication | Observed_Examples | References
604 | Deprecated Entries | View_Filter | None
606 | Unchecked Input for Loop Condition | None | References
609 | Double-Checked Locking | None | References
611 | Improper Restriction of XML External Entity Reference ('XXE') | Applicable_Platforms, References | None
614 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute | Observed_Examples | None
618 | Exposed Unsafe ActiveX Method | None | References
620 | Unverified Password Change | None | References
623 | Unsafe ActiveX Control Marked Safe For Scripting | None | References
625 | Permissive Regular Expression | None | References
629 | Weaknesses in OWASP Top Ten (2007) | View_Audience | None
630 | DEPRECATED: Weaknesses Examined by SAMATE | View_Structure | None
635 | Weaknesses Originally Used by NVD from 2008 to 2016 | View_Structure | None
636 | Not Failing Securely ('Failing Open') | References | None
637 | Unnecessary Complexity in Protection Mechanism (Not Using 'Economy of Mechanism') | References | None
638 | Not Using Complete Mediation | References | None
640 | Weak Password Recovery Mechanism for Forgotten Password | None | References
642 | External Control of Critical State Data | None | Potential_Mitigations, References
643 | Improper Neutralization of Data within XPath Expressions ('XPath Injection') | None | References
647 | Use of Non-Canonical URL Paths for Authorization Decisions | Applicable_Platforms | None
653 | Insufficient Compartmentalization | References | Detection_Factors
654 | Reliance on a Single Factor in a Security Decision | References | None
655 | Insufficient Psychological Acceptability | References | Demonstrative_Examples
656 | Reliance on Security Through Obscurity | Demonstrative_Examples, References | None
657 | Violation of Secure Design Principles | References | None
658 | Weaknesses in Software Written in C | View_Filter | None
659 | Weaknesses in Software Written in C++ | View_Filter | None
660 | Weaknesses in Software Written in Java | View_Filter | None
661 | Weaknesses in Software Written in PHP | View_Filter | None
665 | Improper Initialization | References | None
672 | Operation on a Resource after Expiration or Release | Applicable_Platforms | None
676 | Use of Potentially Dangerous Function | Detection_Factors | Potential_Mitigations, References
677 | Weakness Base Elements | View_Filter | None
678 | Composites | View_Filter | None
679 | DEPRECATED: Chain Elements | View_Filter | None
681 | Incorrect Conversion between Numeric Types | None | References
682 | Incorrect Calculation | Potential_Mitigations | References
689 | Permission Race Condition During Resource Copy | None | References
692 | Incomplete Blacklist to Cross-Site Scripting | References | Description
699 | Development Concepts | View_Audience | None
700 | Seven Pernicious Kingdoms | View_Audience | None
701 | Weaknesses Introduced During Design | View_Filter | None
702 | Weaknesses Introduced During Implementation | View_Filter | None
703 | Improper Check or Handling of Exceptional Conditions | None | Detection_Factors, References
709 | Named Chains | View_Filter | None
711 | Weaknesses in OWASP Top Ten (2004) | View_Audience | None
732 | Incorrect Permission Assignment for Critical Resource | Detection_Factors, Modes_of_Introduction | Potential_Mitigations, References
733 | Compiler Optimization Removal or Modification of Security-critical Code | Applicable_Platforms | References
734 | Weaknesses Addressed by the CERT C Secure Coding Standard (2008 Version) | View_Audience | None
749 | Exposed Dangerous Method or Function | None | Demonstrative_Examples
750 | Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors | View_Audience | None
754 | Improper Check for Unusual or Exceptional Conditions | Demonstrative_Examples | References
757 | Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') | Time_of_Introduction | None
759 | Use of a One-Way Hash without a Salt | Detection_Factors, Time_of_Introduction | Potential_Mitigations, References
760 | Use of a One-Way Hash with a Predictable Salt | Time_of_Introduction | Potential_Mitigations, References
762 | Mismatched Memory Management Routines | None | Potential_Mitigations, References
770 | Allocation of Resources Without Limits or Throttling | Demonstrative_Examples, Potential_Mitigations, References | None
771 | Missing Reference to Active Allocated Resource | Potential_Mitigations | None
772 | Missing Release of Resource after Effective Lifetime | Applicable_Platforms, Potential_Mitigations | None
773 | Missing Reference to Active File Descriptor or Handle | Potential_Mitigations | None
774 | Allocation of File Descriptors or Handles Without Limits or Throttling | Potential_Mitigations | References
775 | Missing Release of File Descriptor or Handle after Effective Lifetime | Potential_Mitigations | References
776 | Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') | Applicable_Platforms, References | None
778 | Insufficient Logging | None | References
781 | Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code | Applicable_Platforms, References | None
782 | Exposed IOCTL with Insufficient Access Control | Applicable_Platforms | None
783 | Operator Precedence Logic Error | Applicable_Platforms | References
784 | Reliance on Cookies without Validation and Integrity Checking in a Security Decision | Applicable_Platforms | References
789 | Uncontrolled Memory Allocation | None | References
790 | Improper Filtering of Special Elements | Time_of_Introduction | None
791 | Incomplete Filtering of Special Elements | Time_of_Introduction | None
792 | Incomplete Filtering of One or More Instances of Special Elements | Time_of_Introduction | None
793 | Only Filtering One Instance of a Special Element | Time_of_Introduction | None
794 | Incomplete Filtering of Multiple Instances of Special Elements | Time_of_Introduction | None
795 | Only Filtering Special Elements at a Specified Location | Time_of_Introduction | None
796 | Only Filtering Special Elements Relative to a Marker | Time_of_Introduction | None
797 | Only Filtering Special Elements at an Absolute Position | Time_of_Introduction | None
798 | Use of Hard-coded Credentials | Applicable_Platforms, Detection_Factors | Potential_Mitigations, References
800 | Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors | View_Audience | None
805 | Buffer Access with Incorrect Length Value | None | Potential_Mitigations, References
806 | Buffer Access Using Size of Source Buffer | None | Potential_Mitigations, References
807 | Reliance on Untrusted Inputs in a Security Decision | Detection_Factors | Potential_Mitigations, References
809 | Weaknesses in OWASP Top Ten (2010) | View_Audience | None
823 | Use of Out-of-range Pointer Offset | None | References
824 | Access of Uninitialized Pointer | None | References
827 | Improper Control of Document Type Definition | Applicable_Platforms, Time_of_Introduction | None
828 | Signal Handler with Functionality that is not Asynchronous-Safe | None | Demonstrative_Examples, References
829 | Inclusion of Functionality from Untrusted Control Sphere | Detection_Factors, Time_of_Introduction | Demonstrative_Examples, Potential_Mitigations, References
830 | Inclusion of Web Functionality from an Untrusted Source | Time_of_Introduction | Demonstrative_Examples
831 | Signal Handler Function Associated with Multiple Signals | None | Demonstrative_Examples, References
833 | Deadlock | None | References
834 | Excessive Iteration | None | Detection_Factors, References
835 | Loop with Unreachable Exit Condition ('Infinite Loop') | None | References
836 | Use of Password Hash Instead of Password for Authentication | Time_of_Introduction | None
838 | Inappropriate Encoding for Output Context | None | Potential_Mitigations, References
839 | Numeric Range Comparison Without Minimum Check | None | References
840 | Business Logic Errors | References | None
841 | Improper Enforcement of Behavioral Workflow | References, Time_of_Introduction |
None |
843 |
Access of Resource Using Incompatible Type ('Type Confusion') |
|
Major |
None |
|
Minor |
References |
844 |
Weaknesses Addressed by the CERT Java Secure Coding Standard |
|
Major |
View_Audience |
|
Minor |
None |
862 |
Missing Authorization |
|
Major |
Detection_Factors, Modes_of_Introduction |
|
Minor |
Potential_Mitigations, References |
863 |
Incorrect Authorization |
|
Major |
Detection_Factors, Modes_of_Introduction |
|
Minor |
Potential_Mitigations, References |
868 |
Weaknesses Addressed by the CERT C++ Secure Coding Standard |
|
Major |
View_Audience |
|
Minor |
None |
884 |
CWE Cross-section |
|
Major |
View_Structure |
|
Minor |
None |
888 |
Software Fault Pattern (SFP) Clusters |
|
Major |
View_Audience |
|
Minor |
None |
900 |
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors |
|
Major |
View_Audience |
|
Minor |
None |
908 |
Use of Uninitialized Resource |
|
Major |
References |
|
Minor |
None |
911 |
Improper Update of Reference Count |
|
Major |
References |
|
Minor |
None |
916 |
Use of Password Hash With Insufficient Computational Effort |
|
Major |
Detection_Factors, References |
|
Minor |
Potential_Mitigations |
918 |
Server-Side Request Forgery (SSRF) |
|
Major |
Applicable_Platforms, References |
|
Minor |
None |
919 |
Weaknesses in Mobile Applications |
|
Major |
View_Filter |
|
Minor |
None |
920 |
Improper Restriction of Power Consumption |
|
Major |
Applicable_Platforms |
|
Minor |
None |
921 |
Storage of Sensitive Data in a Mechanism without Access Control |
|
Major |
Applicable_Platforms |
|
Minor |
None |
925 |
Improper Verification of Intent by Broadcast Receiver |
|
Major |
Applicable_Platforms |
|
Minor |
References |
926 |
Improper Export of Android Application Components |
|
Major |
Applicable_Platforms, Background_Details, Potential_Mitigations |
|
Minor |
References |
927 |
Use of Implicit Intent for Sensitive Communication |
|
Major |
Applicable_Platforms |
|
Minor |
References |
928 |
Weaknesses in OWASP Top Ten (2013) |
|
Major |
View_Audience |
|
Minor |
None |
939 |
Improper Authorization in Handler for Custom URL Scheme |
|
Major |
Applicable_Platforms, Time_of_Introduction |
|
Minor |
Demonstrative_Examples |
940 |
Improper Verification of Source of a Communication Channel |
|
Major |
Applicable_Platforms |
|
Minor |
Demonstrative_Examples |
941 |
Incorrectly Specified Destination in a Communication Channel |
|
Major |
Applicable_Platforms |
|
Minor |
None |
942 |
Overly Permissive Cross-domain Whitelist |
|
Major |
Applicable_Platforms, Potential_Mitigations |
|
Minor |
None |
999 |
Weaknesses without Software Fault Patterns |
|
Major |
View_Audience, View_Filter |
|
Minor |
None |
1000 |
Research Concepts |
|
Major |
View_Audience |
|
Minor |
None |
1004 |
Sensitive Cookie Without 'HttpOnly' Flag |
|
Major |
Applicable_Platforms, Observed_Examples |
|
Minor |
Demonstrative_Examples |
1007 |
Insufficient Visual Distinction of Homoglyphs Presented to User |
|
Major |
Applicable_Platforms, Demonstrative_Examples |
|
Minor |
References |
1008 |
Architectural Concepts |
|
Major |
View_Audience |
|
Minor |
None |
1022 |
Improper Restriction of Cross-Origin Permission to window.opener.location |
|
Major |
Applicable_Platforms, Modes_of_Introduction |
|
Minor |
Demonstrative_Examples |
2000 |
Comprehensive CWE Dictionary |
|
Major |
View_Filter |
|
Minor |
None |