CWE-176 – Improper Handling of Unicode Encoding
Description The software does not properly handle when an input contains Unicode encoding. Modes of Introduction: - Implementation Related Weaknesses CWE-172 Consequences...
CWE-177 – Improper Handling of URL Encoding (Hex Encoding)
Description The software does not properly handle when all or part of an input has been URL encoded. Modes of Introduction: - Implementation ...
CWE-178 – Improper Handling of Case Sensitivity
Description The software does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results....
CWE-1385 – Missing Origin Validation in WebSockets
Description The software uses a WebSocket, but it does not properly verify that the source of data or communication is valid. Modes of Introduction: -...
CWE-14 – Compiler Removal of Code to Clear Buffers
Description Sensitive memory is cleared according to the source code, but compiler optimizations leave the memory untouched when it is not read from again, aka...
CWE-140 – Improper Neutralization of Delimiters
Description The software does not neutralize or incorrectly neutralizes delimiters. Modes of Introduction: - Implementation Related Weaknesses CWE-138 Consequences Integrity: Unexpected State...
CWE-141 – Improper Neutralization of Parameter/Argument Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter...
CWE-142 – Improper Neutralization of Value Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as value...
CWE-143 – Improper Neutralization of Record Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as record...
CWE-144 – Improper Neutralization of Line Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as line...