CWEs that violate the CERT standard
This table lists every CWE that can cause an application to fail a policy that includes a CERT policy rule. For each CWE it shows whether Veracode static analysis and/or dynamic analysis can detect it (marked with an X) and, where supported, the Veracode severity assigned to the finding. A CWE with neither column marked is part of the CERT rule set but is not detected by either scan type.
CWE ID | CWE name | Static support | Dynamic support | Veracode severity |
---|---|---|---|---|
14 | Compiler Removal of Code to Clear Buffers | | | |
20 | Improper Input Validation | X | | 0 - Informational |
22 | Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) | X | X | 3 - Medium |
37 | Path Traversal: '/absolute/pathname/here' | | | |
38 | Path Traversal: '\absolute\pathname\here' | | | |
39 | Path Traversal: 'C:dirname' | | | |
41 | Improper Resolution of Path Equivalence | | | |
59 | Improper Link Resolution Before File Access (Link Following) | | | |
62 | UNIX Hard Link | | | |
64 | Windows Shortcut Following (.LNK) | | | |
65 | Windows Hard Link | | | |
67 | Improper Handling of Windows Device Names | | | |
78 | Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) | X | X | 5 - Very High |
88 | Argument Injection or Modification | X | | 3 - Medium |
111 | Direct Use of Unsafe JNI | X | | 4 - High |
116 | Improper Encoding or Escaping of Output | | | |
117 | Improper Output Neutralization for Logs | X | | 3 - Medium |
119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | | | |
120 | Buffer Copy without Checking Size of Input (Classic Buffer Overflow) | | | |
121 | Stack-based Buffer Overflow | X | | 5 - Very High |
122 | Heap-based Buffer Overflow | | | |
123 | Write-what-where Condition | | | |
125 | Out-of-bounds Read | X | | 3 - Medium |
128 | Wrap-around Error | | | |
129 | Improper Validation of Array Index | X | | 3 - Medium |
131 | Incorrect Calculation of Buffer Size | | | |
134 | Use of Externally-Controlled Format String | X | | 5 - Very High |
135 | Incorrect Calculation of Multi-Byte String Length | X | | 5 - Very High |
144 | Improper Neutralization of Line Delimiters | | | |
150 | Improper Neutralization of Escape, Meta, or Control Sequences | | | |
170 | Improper Null Termination | X | | 3 - Medium |
171 | Cleansing, Canonicalization, and Comparison Errors | | | |
176 | Improper Handling of Unicode Encoding | | | |
180 | Incorrect Behavior Order: Validate Before Canonicalize | | | |
182 | Collapse of Data into Unsafe Value | | | |
190 | Integer Overflow or Wraparound | X | | 5 - Very High |
191 | Integer Underflow (Wrap or Wraparound) | X | | 3 - Medium |
192 | Integer Coercion Error | X | | 3 - Medium |
193 | Off-by-one Error | X | | 3 - Medium |
194 | Unexpected Sign Extension | | | |
195 | Signed to Unsigned Conversion Error | X | | 3 - Medium |
197 | Numeric Truncation Error | X | | 3 - Medium |
198 | Use of Incorrect Byte Ordering | | | |
209 | Information Exposure Through an Error Message | X | X | 2 - Low |
226 | Sensitive Information Uncleared Before Release | | | |
227 | 7PK - API Abuse | | | |
230 | Improper Handling of Missing Values | | | |
232 | Improper Handling of Undefined Values | | | |
241 | Improper Handling of Unexpected Data Type | | | |
242 | Use of Inherently Dangerous Function | X | | 5 - Very High |
244 | Improper Clearing of Heap Memory Before Release (Heap Inspection) | | | |
248 | Uncaught Exception | X | | 2 - Low |
250 | Execution with Unnecessary Privileges | | | |
252 | Unchecked Return Value | X | | 2 - Low |
253 | Incorrect Check of Function Return Value | | | |
259 | Use of Hard-coded Password | X | X | 3 - Medium |
266 | Incorrect Privilege Assignment | | | |
272 | Least Privilege Violation | X | | 3 - Medium |
273 | Improper Check for Dropped Privileges | X | | 3 - Medium |
276 | Incorrect Default Permissions | | | |
279 | Incorrect Execution-Assigned Permissions | | | |
289 | Authentication Bypass by Alternate Name | | | |
300 | Channel Accessible by Non-Endpoint (Man-in-the-Middle) | | | |
302 | Authentication Bypass by Assumed-Immutable Data | | | |
311 | Missing Encryption of Sensitive Data | X | | 3 - Medium |
319 | Cleartext Transmission of Sensitive Information | X | | 3 - Medium |
327 | Use of a Broken or Risky Cryptographic Algorithm | X | X | 3 - Medium |
330 | Use of Insufficiently Random Values | X | | 3 - Medium |
331 | Insufficient Entropy | X | | 3 - Medium |
332 | Insufficient Entropy in PRNG | | | |
333 | Improper Handling of Insufficient Entropy in TRNG | | | |
336 | Same Seed in Pseudo-Random Number Generator (PRNG) | | | |
337 | Predictable Seed in Pseudo-Random Number Generator (PRNG) | | | |
338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) | X | | 3 - Medium |
347 | Improper Verification of Cryptographic Signature | X | | 2 - Low |
349 | Acceptance of Extraneous Untrusted Data With Trusted Data | | | |
359 | Exposure of Private Information (Privacy Violation) | X | | 2 - Low |
362 | Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) | | | |
363 | Race Condition Enabling Link Following | | | |
366 | Race Condition within a Thread | X | | 3 - Medium |
367 | Time-of-check Time-of-use (TOCTOU) Race Condition | X | | 3 - Medium |
369 | Divide By Zero | | | |
374 | Passing Mutable Objects to an Untrusted Method | | | |
375 | Returning a Mutable Object to an Untrusted Caller | | | |
377 | Insecure Temporary File | X | | 3 - Medium |
379 | Creation of Temporary File in Directory with Incorrect Permissions | | | |
382 | J2EE Bad Practices: Use of System.exit() | X | | 2 - Low |
390 | Detection of Error Condition Without Action | | | |
392 | Missing Report of Error Condition | | | |
395 | Use of NullPointerException Catch to Detect NULL Pointer Dereference | | | |
397 | Declaration of Throws for Generic Exception | | | |
400 | Uncontrolled Resource Consumption | | | |
401 | Improper Release of Memory Before Removing Last Reference | X | | 2 - Low |
403 | Exposure of File Descriptor to Unintended Control Sphere (File Descriptor Leak) | | | |
404 | Improper Resource Shutdown or Release | X | | 0 - Informational |
405 | Asymmetric Resource Consumption (Amplification) | | | |
409 | Improper Handling of Highly Compressed Data (Data Amplification) | | | |
410 | Insufficient Resource Pool | | | |
412 | Unrestricted Externally Accessible Lock | | | |
413 | Improper Resource Locking | | | |
415 | Double Free | X | | 3 - Medium |
416 | Use After Free | X | | 2 - Low |
426 | Untrusted Search Path | X | | 3 - Medium |
456 | Missing Initialization of a Variable | | | |
459 | Incomplete Cleanup | | | |
460 | Improper Cleanup on Thrown Exception | | | |
462 | Duplicate Key in Associative List (Alist) | | | |
464 | Addition of Data Structure Sentinel | | | |
466 | Return of Pointer Value Outside of Expected Range | | | |
467 | Use of sizeof() on a Pointer Type | | | |
468 | Incorrect Pointer Scaling | | | |
469 | Use of Pointer Subtraction to Determine Size | | | |
470 | Use of Externally-Controlled Input to Select Classes or Code (Unsafe Reflection) | X | | 3 - Medium |
476 | NULL Pointer Dereference | | | |
479 | Signal Handler Use of a Non-reentrant Function | X | | 3 - Medium |
480 | Use of Incorrect Operator | | | |
481 | Assigning instead of Comparing | | | |
482 | Comparing instead of Assigning | | | |
486 | Comparison of Classes by Name | | | |
487 | Reliance on Package-level Scope | | | |
491 | Public cloneable() Method Without Final (Object Hijack) | | | |
492 | Use of Inner Class Containing Sensitive Data | | | |
493 | Critical Public Variable Without Final Modifier | | | |
494 | Download of Code Without Integrity Check | | | |
497 | Exposure of System Data to an Unauthorized Control Sphere | X | | 2 - Low |
498 | Cloneable Class Containing Sensitive Information | | | |
499 | Serializable Class Containing Sensitive Data | | | |
500 | Public Static Field Not Marked Final | | | |
502 | Deserialization of Untrusted Data | X | | 3 - Medium |
528 | Exposure of Core Dump File to an Unauthorized Control Sphere | | | |
532 | Insertion of Sensitive Information into Log File | X | | 2 - Low |
543 | Use of Singleton Pattern Without Synchronization in a Multithreaded Context | | | |
544 | Missing Standardized Error Handling Mechanism | | | |
547 | Use of Hard-coded, Security-relevant Constants | X | | 3 - Medium |
552 | Files or Directories Accessible to External Parties | | | |
561 | Dead Code | | | |
562 | Return of Stack Variable Address | | | |
563 | Assignment to Variable without Use | | | |
567 | Unsynchronized Access to Shared Data in a Multithreaded Context | | | |
568 | finalize() Method Without super.finalize() | | | |
570 | Expression is Always False | | | |
571 | Expression is Always True | | | |
572 | Call to Thread run() instead of start() | | | |
573 | Improper Following of Specification by Caller | | | |
581 | Object Model Violation: Just One of Equals and Hashcode Defined | | | |
582 | Array Declared Public, Final, and Static | | | |
583 | finalize() Method Declared Public | | | |
584 | Return Inside Finally Block | | | |
586 | Explicit Call to Finalize() | | | |
587 | Assignment of a Fixed Address to a Pointer | | | |
589 | Call to Non-ubiquitous API | | | |
590 | Free of Memory not on the Heap | | | |
591 | Sensitive Data Storage in Improperly Locked Memory | | | |
595 | Comparison of Object References Instead of Object Contents | | | |
597 | Use of Wrong Operator in String Comparison | X | | 2 - Low |
600 | Uncaught Exception in Servlet |