CWE-480 – Use of Incorrect Operator
Description The programmer accidentally uses the wrong operator, which changes the application logic in security-relevant ways. These types of errors are generally the result of...
CWE-481 – Assigning instead of Comparing
Description The code uses an operator for assignment when the intention was to perform a comparison. In many languages the compare statement is very close...
CWE-482 – Comparing instead of Assigning
Description The code uses an operator for comparison when the intention was to perform an assignment. In many languages, the compare statement is very close...
CWE-443 – DEPRECATED: HTTP response splitting
Description This weakness can be found at CWE-113. Modes of Introduction: Related Weaknesses Consequences Potential Mitigations CVE References
CWE-444 – Inconsistent Interpretation of HTTP Requests (‘HTTP Request Smuggling’)
Description When malformed or abnormal HTTP requests are interpreted by one or more entities in the data flow between the user and the web server,...
CWE-446 – UI Discrepancy for Security Feature
Description The user interface does not correctly enable or configure a security feature, but the interface provides feedback that causes the user to believe that...
CWE-447 – Unimplemented or Unsupported Feature in UI
Description A UI function for a security feature appears to be supported and gives feedback to the user that suggests that it is supported, but...
CWE-448 – Obsolete Feature in UI
Description A UI function is obsolete and the product does not warn the user. Modes of Introduction: - Implementation Related Weaknesses CWE-446 ...
CWE-449 – The UI Performs the Wrong Action
Description The UI performs the wrong action with respect to the user's request. Modes of Introduction: - Implementation Related Weaknesses CWE-446 Consequences...
CWE-45 – Path Equivalence: ‘file…name’ (Multiple Internal Dot)
Description A software system that accepts path input in the form of multiple internal dot ('file...dir') without appropriate validation can lead to ambiguous path resolution...