CSAF
view release on metacpan or search on metacpan
lib/CSAF/Util/CWE.pm view on Meta::CPAN
'CWE-304' => q"Missing Critical Step in Authentication",
'CWE-305' => q"Authentication Bypass by Primary Weakness",
'CWE-306' => q"Missing Authentication for Critical Function",
'CWE-307' => q"Improper Restriction of Excessive Authentication Attempts",
'CWE-308' => q"Use of Single-factor Authentication",
'CWE-309' => q"Use of Password System for Primary Authentication",
'CWE-311' => q"Missing Encryption of Sensitive Data",
'CWE-312' => q"Cleartext Storage of Sensitive Information",
'CWE-313' => q"Cleartext Storage in a File or on Disk",
'CWE-314' => q"Cleartext Storage in the Registry",
'CWE-315' => q"Cleartext Storage of Sensitive Information in a Cookie",
'CWE-316' => q"Cleartext Storage of Sensitive Information in Memory",
'CWE-317' => q"Cleartext Storage of Sensitive Information in GUI",
'CWE-318' => q"Cleartext Storage of Sensitive Information in Executable",
'CWE-319' => q"Cleartext Transmission of Sensitive Information",
'CWE-321' => q"Use of Hard-coded Cryptographic Key",
'CWE-322' => q"Key Exchange without Entity Authentication",
'CWE-323' => q"Reusing a Nonce, Key Pair in Encryption",
'CWE-324' => q"Use of a Key Past its Expiration Date",
'CWE-325' => q"Missing Cryptographic Step",
'CWE-326' => q"Inadequate Encryption Strength",
lib/CSAF/Util/CWE.pm view on Meta::CPAN
'CWE-529' => q"Exposure of Access Control List Files to an Unauthorized Control Sphere",
'CWE-530' => q"Exposure of Backup File to an Unauthorized Control Sphere",
'CWE-531' => q"Inclusion of Sensitive Information in Test Code",
'CWE-532' => q"Insertion of Sensitive Information into Log File",
'CWE-533' => q"DEPRECATED: Information Exposure Through Server Log Files",
'CWE-534' => q"DEPRECATED: Information Exposure Through Debug Log Files",
'CWE-535' => q"Exposure of Information Through Shell Error Message",
'CWE-536' => q"Servlet Runtime Error Message Containing Sensitive Information",
'CWE-537' => q"Java Runtime Error Message Containing Sensitive Information",
'CWE-538' => q"Insertion of Sensitive Information into Externally-Accessible File or Directory",
'CWE-539' => q"Use of Persistent Cookies Containing Sensitive Information",
'CWE-540' => q"Inclusion of Sensitive Information in Source Code",
'CWE-541' => q"Inclusion of Sensitive Information in an Include File",
'CWE-542' => q"DEPRECATED: Information Exposure Through Cleanup Log Files",
'CWE-543' => q"Use of Singleton Pattern Without Synchronization in a Multithreaded Context",
'CWE-544' => q"Missing Standardized Error Handling Mechanism",
'CWE-545' => q"DEPRECATED: Use of Dynamic Class Loading",
'CWE-546' => q"Suspicious Comment",
'CWE-547' => q"Use of Hard-coded, Security-relevant Constants",
'CWE-548' => q"Exposure of Information Through Directory Listing",
'CWE-549' => q"Missing Password Field Masking",
lib/CSAF/Util/CWE.pm view on Meta::CPAN
'CWE-553' => q"Command Shell in Externally Accessible Directory",
'CWE-554' => q"ASP.NET Misconfiguration: Not Using Input Validation Framework",
'CWE-555' => q"J2EE Misconfiguration: Plaintext Password in Configuration File",
'CWE-556' => q"ASP.NET Misconfiguration: Use of Identity Impersonation",
'CWE-558' => q"Use of getlogin() in Multithreaded Application",
'CWE-560' => q"Use of umask() with chmod-style Argument",
'CWE-561' => q"Dead Code",
'CWE-562' => q"Return of Stack Variable Address",
'CWE-563' => q"Assignment to Variable without Use",
'CWE-564' => q"SQL Injection: Hibernate",
'CWE-565' => q"Reliance on Cookies without Validation and Integrity Checking",
'CWE-566' => q"Authorization Bypass Through User-Controlled SQL Primary Key",
'CWE-567' => q"Unsynchronized Access to Shared Data in a Multithreaded Context",
'CWE-568' => q"finalize() Method Without super.finalize()",
'CWE-570' => q"Expression is Always False",
'CWE-571' => q"Expression is Always True",
'CWE-572' => q"Call to Thread run() instead of start()",
'CWE-573' => q"Improper Following of Specification by Caller",
'CWE-574' => q"EJB Bad Practices: Use of Synchronization Primitives",
'CWE-575' => q"EJB Bad Practices: Use of AWT Swing",
'CWE-576' => q"EJB Bad Practices: Use of Java I/O",
lib/CSAF/Util/CWE.pm view on Meta::CPAN
'CWE-603' => q"Use of Client-Side Authentication",
'CWE-605' => q"Multiple Binds to the Same Port",
'CWE-606' => q"Unchecked Input for Loop Condition",
'CWE-607' => q"Public Static Final Field References Mutable Object",
'CWE-608' => q"Struts: Non-private Field in ActionForm Class",
'CWE-609' => q"Double-Checked Locking",
'CWE-610' => q"Externally Controlled Reference to a Resource in Another Sphere",
'CWE-611' => q"Improper Restriction of XML External Entity Reference",
'CWE-612' => q"Improper Authorization of Index Containing Sensitive Information",
'CWE-613' => q"Insufficient Session Expiration",
'CWE-614' => q"Sensitive Cookie in HTTPS Session Without 'Secure' Attribute",
'CWE-615' => q"Inclusion of Sensitive Information in Source Code Comments",
'CWE-616' => q"Incomplete Identification of Uploaded File Variables (PHP)",
'CWE-617' => q"Reachable Assertion",
'CWE-618' => q"Exposed Unsafe ActiveX Method",
'CWE-619' => q"Dangling Database Cursor ('Cursor Injection')",
'CWE-620' => q"Unverified Password Change",
'CWE-621' => q"Variable Extraction Error",
'CWE-622' => q"Improper Validation of Function Hook Arguments",
'CWE-623' => q"Unsafe ActiveX Control Marked Safe For Scripting",
'CWE-624' => q"Executable Regular Expression Error",
lib/CSAF/Util/CWE.pm view on Meta::CPAN
'CWE-774' => q"Allocation of File Descriptors or Handles Without Limits or Throttling",
'CWE-775' => q"Missing Release of File Descriptor or Handle after Effective Lifetime",
'CWE-776' => q"Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')",
'CWE-777' => q"Regular Expression without Anchors",
'CWE-778' => q"Insufficient Logging",
'CWE-779' => q"Logging of Excessive Data",
'CWE-780' => q"Use of RSA Algorithm without OAEP",
'CWE-781' => q"Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code",
'CWE-782' => q"Exposed IOCTL with Insufficient Access Control",
'CWE-783' => q"Operator Precedence Logic Error",
'CWE-784' => q"Reliance on Cookies without Validation and Integrity Checking in a Security Decision",
'CWE-785' => q"Use of Path Manipulation Function without Maximum-sized Buffer",
'CWE-786' => q"Access of Memory Location Before Start of Buffer",
'CWE-787' => q"Out-of-bounds Write",
'CWE-788' => q"Access of Memory Location After End of Buffer",
'CWE-789' => q"Memory Allocation with Excessive Size Value",
'CWE-790' => q"Improper Filtering of Special Elements",
'CWE-791' => q"Incomplete Filtering of Special Elements",
'CWE-792' => q"Incomplete Filtering of One or More Instances of Special Elements",
'CWE-793' => q"Only Filtering One Instance of a Special Element",
'CWE-794' => q"Incomplete Filtering of Multiple Instances of Special Elements",
lib/CSAF/Util/CWE.pm view on Meta::CPAN
'CWE-923' => q"Improper Restriction of Communication Channel to Intended Endpoints",
'CWE-924' => q"Improper Enforcement of Message Integrity During Transmission in a Communication Channel",
'CWE-925' => q"Improper Verification of Intent by Broadcast Receiver",
'CWE-926' => q"Improper Export of Android Application Components",
'CWE-927' => q"Use of Implicit Intent for Sensitive Communication",
'CWE-939' => q"Improper Authorization in Handler for Custom URL Scheme",
'CWE-940' => q"Improper Verification of Source of a Communication Channel",
'CWE-941' => q"Incorrectly Specified Destination in a Communication Channel",
'CWE-942' => q"Permissive Cross-domain Policy with Untrusted Domains",
'CWE-943' => q"Improper Neutralization of Special Elements in Data Query Logic",
'CWE-1004' => q"Sensitive Cookie Without 'HttpOnly' Flag",
'CWE-1007' => q"Insufficient Visual Distinction of Homoglyphs Presented to User",
'CWE-1021' => q"Improper Restriction of Rendered UI Layers or Frames",
'CWE-1022' => q"Use of Web Link to Untrusted Target with window.opener Access",
'CWE-1023' => q"Incomplete Comparison with Missing Factors",
'CWE-1024' => q"Comparison of Incompatible Types",
'CWE-1025' => q"Comparison Using Wrong Factors",
'CWE-1037' => q"Processor Optimization Removal or Modification of Security-critical Code",
'CWE-1038' => q"Insecure Automated Optimizations",
'CWE-1039' =>
"Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
lib/CSAF/Util/CWE.pm view on Meta::CPAN
'CWE-1265' => q"Unintended Reentrant Invocation of Non-reentrant Code Via Nested Calls",
'CWE-1266' => q"Improper Scrubbing of Sensitive Data from Decommissioned Device",
'CWE-1267' => q"Policy Uses Obsolete Encoding",
'CWE-1268' => q"Policy Privileges are not Assigned Consistently Between Control and Data Agents",
'CWE-1269' => q"Product Released in Non-Release Configuration",
'CWE-1270' => q"Generation of Incorrect Security Tokens",
'CWE-1271' => q"Uninitialized Value on Reset for Registers Holding Security Settings",
'CWE-1272' => q"Sensitive Information Uncleared Before Debug/Power State Transition",
'CWE-1273' => q"Device Unlock Credential Sharing",
'CWE-1274' => q"Improper Access Control for Volatile Memory Containing Boot Code",
'CWE-1275' => q"Sensitive Cookie with Improper SameSite Attribute",
'CWE-1276' => q"Hardware Child Block Incorrectly Connected to Parent System",
'CWE-1277' => q"Firmware Not Updateable",
'CWE-1278' =>
"Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques",
'CWE-1279' => q"Cryptographic Operations are run Before Supporting Units are Ready",
'CWE-1280' => q"Access Control Check Implemented After Asset is Accessed",
'CWE-1281' => q"Sequence of Processor Instructions Leads to Unexpected Behavior",
'CWE-1282' => q"Assumed-Immutable Data is Stored in Writable Memory",
'CWE-1283' => q"Mutable Attestation or Measurement Reporting Data",
'CWE-1284' => q"Improper Validation of Specified Quantity in Input",
( run in 0.769 second using v1.01-cache-2.11-cpan-e9199f4ba4c )