CWE-450 – Multiple Interpretations of UI Input
Description The UI has multiple interpretations of user input but does not prompt the user when it selects the less secure interpretation. Modes of Introduction:...
CWE-451 – User Interface (UI) Misrepresentation of Critical Information
Description The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured...
CWE-453 – Insecure Default Variable Initialization
Description The software, by default, initializes an internal variable with an insecure or less secure value than is possible. Modes of Introduction: - Architecture and...
CWE-454 – External Initialization of Trusted Variables or Data Stores
Description The software initializes critical internal variables or data stores using inputs that can be modified by untrusted actors. A software system should be reluctant...
CWE-455 – Non-exit on Failed Initialization
Description The software does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a...
CWE-456 – Missing Initialization of a Variable
Description The software does not initialize critical variables, which causes the execution environment to use unexpected values. Modes of Introduction: - Implementation Related...
CWE-457 – Use of Uninitialized Variable
Description The code uses a variable that has not been initialized, leading to unpredictable or unintended results. In some languages such as C and C++,...
CWE-458 – DEPRECATED: Incorrect Initialization
Description This weakness has been deprecated because its name and description did not match. The description duplicated CWE-454, while the name suggested a more abstract...
CWE-459 – Incomplete Cleanup
Description The software does not properly "clean up" and remove temporary or supporting resources after they have been used. Modes of Introduction: - Architecture and...
CWE-46 – Path Equivalence: ‘filename ‘ (Trailing Space)
Description A software system that accepts path input in the form of trailing space ('filedir ') without appropriate validation can lead to ambiguous path resolution...