CWE-226 – Sensitive Information in Resource Not Removed Before Reuse
Description The product releases a resource such as memory or a file so that it can be made available for reuse, but it does not...
CWE-225 – DEPRECATED: General Information Management Problems
Description This weakness can be found at CWE-199. Modes of Introduction: Related Weaknesses Consequences Potential Mitigations CVE References
CWE-224 – Obscured Security-relevant Information by Alternate Name
Description The software records security-relevant information according to an alternate name of the affected entity, instead of the canonical name. Modes of Introduction: - Architecture...
CWE-223 – Omission of Security-relevant Information
Description The application does not record or display information that would be important for identifying the source or nature of an attack, or determining if...
CWE-222 – Truncation of Security-relevant Information
Description The application truncates the display, recording, or processing of security-relevant information in a way that can obscure the source or nature of an attack....
CWE-221 – Information Loss or Omission
Description The software does not record, or improperly records, security-relevant information that leads to an incorrect decision or hampers later analysis. This can be resultant,...
CWE-220 – Storage of File With Sensitive Data Under FTP Root
Description The application stores sensitive data under the FTP server root with insufficient access control, which might make it accessible to untrusted parties. Various Unix...
CWE-22 – Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
Description The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted...
CWE-219 – Storage of File with Sensitive Data Under Web Root
Description The application stores sensitive data under the web document root with insufficient access control, which might make it accessible to untrusted parties. Besides public-facing...
CWE-218 – DEPRECATED: Failure to provide confidentiality for stored data
Description This weakness has been deprecated because it was a duplicate of CWE-493. All content has been transferred to CWE-493. Modes of Introduction: ...