CWE-179 – Incorrect Behavior Order: Early Validation
Description The software validates input before applying protection mechanisms that modify the input, which could allow an attacker to bypass the validation via dangerous inputs...
CWE-178 – Improper Handling of Case Sensitivity
Description The software does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results....
CWE-177 – Improper Handling of URL Encoding (Hex Encoding)
Description The software does not properly handle when all or part of an input has been URL encoded. Modes of Introduction: - Implementation ...
CWE-176 – Improper Handling of Unicode Encoding
Description The software does not properly handle when an input contains Unicode encoding. Modes of Introduction: - Implementation Related Weaknesses CWE-172 Consequences...
CWE-175 – Improper Handling of Mixed Encoding
Description The software does not properly handle when the same input uses several different (mixed) encodings. Modes of Introduction: - Implementation Related Weaknesses...
CWE-174 – Double Decoding of the Same Data
Description The software decodes the same input twice, which can limit the effectiveness of any protection mechanism that occurs in between the decoding operations. Modes...
CWE-173 – Improper Handling of Alternate Encoding
Description The software does not properly handle when an input uses an alternate encoding that is valid for the control sphere to which the input...
CWE-172 – Encoding Error
Description The software does not properly encode or decode the data, resulting in unexpected values. Modes of Introduction: - Implementation Related Weaknesses CWE-707...
CWE-170 – Improper Null Termination
Description The software does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator. Null termination errors frequently occur...
CWE-168 – Improper Handling of Inconsistent Special Elements
Description The software does not properly handle input in which an inconsistency exists between two or more special characters or reserved words. An example of...