The implementation of the product is not consistent with the
design as described within the relevant documentation.
Modes of Introduction:
– Implementation
The software contains a data query against an SQL table or view
that is configured in a way that does not utilize an index and may cause
sequential searches to be performed.
Modes of Introduction:
Other: Reduce Performance
The software contains a serializable data element that does not
have an associated serialization method.
Modes of Introduction:
Other: Reduce Reliability
The application uses deployed components from application servers, but it also uses low-level functions/methods for management of resources, instead of the API provided by the application server.
Modes of Introduction:
Other: Reduce Reliability
The software contains a function, subroutine, or method whose signature has an unnecessarily large number of
parameters/arguments.
Modes of Introduction:
Other: Reduce Maintainability
A static code block creates an instance of a class.
Modes of Introduction:
Other: Reduce Performance
The code has a parent class that contains references to a child class, its methods, or its members.
Modes of Introduction:
Other: Reduce Reliability
The software does not sufficiently hide the internal representation and implementation details of data or methods, which might allow external components or modules to modify data unexpectedly, invoke unexpected functionality, or introduce dependencies that the programmer did not intend.
Modes of Introduction:
The software performs too many data queries without using efficient data processing functionality such as stored procedures.
Modes of Introduction:
Other: Reduce Performance
When an application does not use an input validation framework such as the Struts Validator, there is a greater risk of introducing weaknesses related to insufficient input validation.
Modes of Introduction:
– Implementation
Integrity: Unexpected State
Phase: Architecture and Design
Description:
Use an input validation framework such as Struts.
Phase: Architecture and Design
Description:
Use an input validation framework such as Struts.
Phase: Implementation
Description:
Phase: Implementation
Description: