Tag Archives: CWE- 230

CWE-230 – Improper Handling of Missing Values

Read Time:27 Second

Description

The software does not handle or incorrectly handles when a parameter, field, or argument name is specified, but the associated value is missing, i.e. it is empty, blank, or null.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-229

 

Consequences

Integrity: Unexpected State

 

Potential Mitigations

CVE References

  • CVE-2000-1006
    • Blank “charset” attribute in MIME header triggers crash.