CWE
Home > CWE List > Reports > Differences between Draft 6 and Draft 7   View the CWE List

Differences between Draft 6 and Draft 7
Differences between Draft 6 and Draft 7

Summary
Summary
Total new 7
Total deprecated 1
Total shared 627
Total important changes 199
Total major changes 464
Total minor changes 270
Total minor changes (no major) 44
Total unchanged 119
Back to top
Attribute Change Summary
Attribute Change Summary

"Minor" changes are text changes that only affect capitalization, punctuation, and whitespace. All other changes are marked as "Major."

Attribute Major Minor
AffectedResource 50 0
Alternate_Terms 6 0
Applicable_Platforms 348 0
CVEs_Mentioned 2 0
Causal_Nature 0 0
Common_Consequences 8 92
Common_Methods_of_Exploitation 0 0
Context_Notes 43 23
Demonstrative_Example 12 2
Description 117 9
Enabling_Factors_for_Exploitation 0 0
Functional_Area 0 0
Likelihood_of_Exploit 0 0
Name 17 161
Node_Relationship 107 0
Observed_Example 7 2
Potential_Mitigations 15 0
References 7 0
Research_Gaps 6 4
Source_Taxonomy 0 0
Time_of_Introduction 0 0
Type 0 0
Weakness_Ordinality 4 78

Nodes Removed from Draft 6

CWE-ID CWE Name
None.

Nodes Added to Draft 7

CWE-ID CWE Name
629 Weaknesses in OWASP Top Ten
630 Weaknesses Examined by SAMATE
631 Resource-specific Weaknesses
632 Weaknesses that Affect Files or Directories
633 Weaknesses that Affect Memory
634 Weaknesses that Affect System Processes
635 Weaknesses Used by NVD

Nodes Deprecated in Draft 7

CWE-ID CWE Name
225 DEPRECATED (Duplicate): General Information Management Problems
Back to top
Important Changes
Important Changes

A node change is labeled "important" if it is a major field change and the field is critical to the meaning of the node. The critical fields are description, name, and relationships.

Key
D Description
N Name
R Relationships

D 1 Location
D 2 Environment
D 3 Technology-specific Environment Issues
DN 8 J2EE Misconfiguration: Entity Bean Declared Remote
R 14 Insecure Compiler Optimization
D R 16 Configuration
D 17 Code
D 18 Source Code
D 19 Data Handling
DNR 20 Insufficient Input Validation
D R 22 Path Traversal
R 41 Path Equivalence
D 56 Path Issue - Asterisk Wildcard - filedir*
R 59 Link Following
D 60 UNIX Path Link Problems
D 63 Windows Path Link Problems
R 67 Windows MS-DOS Device Names
D 68 Windows Virtual File Problems
R 69 Windows ::DATA Alternate Data Stream
D R 70 Mac Virtual File Problems
R 77 Command Injection
R 78 OS Command Injection
D R 79 Cross-site Scripting (XSS)
R 80 Basic XSS
DN 85 Doubled Character XSS Manipulations
R 88 Argument Injection or Modification
R 89 SQL Injection
R 90 LDAP Injection
R 91 XML Injection (aka Blind XPath Injection)
R 93 CRLF Injection
D R 94 Code Injection
R 95 Direct Dynamic Code Evaluation ('Eval Injection')
R 96 Direct Static Code Injection
R 98 PHP File Inclusion
R 99 Resource Injection
D 100 Technology-Specific Input Validation Problems
D 101 Struts Validation Problems
D 102 Struts: Duplicate Validation Forms
DN 103 Struts: Incomplete validate() Method Definition
D 104 Struts: Form Bean Does Not Extend Validation Class
D 105 Struts: Form Field Without Validator
D 106 Struts: Plug-in Framework not in Use
D 109 Struts: Validator Turned Off
D 111 Unsafe JNI
R 114 Process Control
D 116 Output Validation
D 118 Range Errors
D R 119 Buffer Errors
R 120 Unbounded Transfer ('Classic Buffer Overflow')
DNR 121 Stack-based Buffer Overflow
NR 122 Heap-based Buffer Overflow
R 123 Write-what-where Condition
D 124 Boundary Beginning Violation ('Buffer Underwrite')
R 129 Unchecked Array Indexing
D 133 String Errors
NR 134 Uncontrolled Format String
D 136 Type Errors
D 137 Representation Errors
D 138 Special Elements (Characters or Reserved Words)
D 139 General Special Element Problems
D 140 Delimiter Problems
D 148 Input Leader
D 154 Variable Name Delimiter
D 159 Common Special Element Manipulations
D 169 Technology-Specific Special Elements
R 170 Improper Null Termination
D 171 Cleansing, Canonicalization, and Comparison Errors
D 172 Encoding Error
R 178 Case Sensitivity (Lowercase, Uppercase, Mixed Case)
D R 189 Numeric Errors
D R 190 Integer Overflow (Wrap or Wraparound)
D 198 Numeric Byte Ordering Error
D R 199 Information Management Errors
D R 200 Information Leak (Information Disclosure)
D 213 Intended Information Leak
R 214 Process Information Leak to Other Processes
D 215 Information Leak Through Debug Information
D 219 Sensitive Data Under Web Root
D 220 Sensitive Data Under FTP Root
DNR 225 DEPRECATED (Duplicate): General Information Management Problems
R 226 Sensitive Information Uncleared Before Use
D 228 Structure and Validity Problems
D 229 Value Problems
D 233 Parameter Problems
D 237 Element Problems
R 243 Directory Restriction
R 244 Heap Inspection
R 249 Often Misused: Path Manipulation
R 251 Often Misused: String Management
D R 255 Credentials Management
R 259 Hard-Coded Password
R 260 Password in Configuration File
D R 264 Permissions, Privileges, and Access Controls
R 266 Incorrect Privilege Assignment
D 267 Unsafe Privilege
R 273 Failure to Check Whether Privileges Were Dropped Successfully
D R 275 Permission Issues
DNR 280 Failure to Handle Insufficient Permissions or Privileges
R 282 Ownership Issues
D R 284 Access Control Issues
R 285 Missing or Inconsistent Access Control
R 287 Authentication Issues
R 288 Authentication Bypass by Alternate Path/Channel
D 290 Authentication Bypass by Spoofing
DN 293 Using Referer Field for Authentication
N 294 Authentication Bypass by Capture-replay
D 295 Certificate Issues
R 301 Reflection Attack in an Authentication Protocol
D R 310 Cryptographic Issues
R 311 Failure to Encrypt Data
D 312 Plaintext Storage of Sensitive Information
R 316 Plaintext Storage in Memory
D 320 Key Management Errors
R 321 Use of Hard-coded Cryptographic Key
R 325 Missing Required Cryptographic Step
R 326 Weak Encryption
D 340 Predictability Problems
R 352 Cross-Site Request Forgery (CSRF)
D R 362 Race Conditions
D 363 Race Condition Enabling Link Following
R 364 Signal Handler Race Condition
R 366 Race Condition within a Thread
R 367 Time-of-check Time-of-use Race Condition
D 371 State Issues
D R 376 Temporary File Issues
D 380 Technology-Specific Time and State Issues
D 381 J2EE Time and State Issues
R 383 J2EE Bad Practices: Threads
R 387 Signal Errors
R 391 Unchecked Error Condition
D 398 Code Quality
D R 399 Resource Management Errors
N 400 Resource Exhaustion
R 401 Memory Leak
D 402 Resource Leaks
R 403 UNIX File Descriptor Leak
D 411 Resource Locking Problems
R 412 Unrestricted Critical Resource Lock
R 415 Double Free
R 416 Use After Free
D 417 Channel and Path Errors
D 418 Channel Errors
R 421 Alternate Channel Race Condition
R 422 Unprotected Windows Messaging Channel ('Shatter')
D 424 Alternate Path Errors
NR 425 Direct Request ('Forced Browsing')
R 426 Untrusted Search Path
D 429 Handler Errors
D 432 Dangerous Handler not Cleared/Disabled During Sensitive Operations
R 434 Unrestricted File Upload
D 438 Behavioral Problems
D 442 Web Problems
D R 445 User Interface Quality Errors
DNR 446 User Interface Discrepancy for Security Feature
R 449 The UI Performs the Wrong Action
D 452 Initialization and Cleanup Errors
R 457 Uninitialized Variable
D 461 Data Structure Issues
D 463 Deletion of Data-structure Sentinel
D 464 Addition of Data-structure Sentinel
D 465 Pointer Issues
D R 466 Illegal Pointer Value
D R 467 Use of sizeof() on a Pointer Type
R 468 Unintentional Pointer Scaling
D R 469 Improper Pointer Subtraction
R 470 Unsafe Reflection
N 471 Modification of Assumed-Immutable Data (MAID)
R 472 Web Parameter Tampering
D R 473 PHP External Variable Modification
D R 476 NULL Pointer Dereference
R 479 Unsafe Function Call from a Signal Handler
D 480 Using the Wrong Operator
R 489 Leftover Debug Code
D 490 Mobile Code Issues
R 495 Private Array-Typed Field Returned From A Public Method
D R 496 Public Data Assigned to Private Array-Typed Field
D 503 Byte/Object Code
D 504 Motivation/Intent
D 508 Non-Replicating
D 509 Replicating (virus)
D 512 Spyware
D 513 Nonmalicious
D 514 Covert Channel
D 515 Covert Storage Channel
R 522 Insufficiently Protected Credentials
R 533 Information Leak Through Server Log Files
D 538 File and Directory Information Leaks
D 548 Information Leak Through Directory Listing
R 552 Errant Files or Directories Accessible
D 553 Possible Command Shell (csh)
N 558 Misused Authentication: getlogin()
D 559 Often Misused: Arguments and Parameters
D 569 Expression Issues
R 572 Call to Thread.run()
R 590 Improperly Freeing Heap Memory
R 591 Memory Locking
D 592 Authentication Bypass Issues
N 599 No OpenSSL Certificate Check Performed before Use
R 604 Deprecated
Back to top
Detailed Difference Report
Detailed Difference Report
1 Location
Major Description
Minor None
2 Environment
Major Description
Minor None
3 Technology-specific Environment Issues
Major Description
Minor None
8 J2EE Misconfiguration: Entity Bean Declared Remote
Major Name, Description, Context_Notes, Potential_Mitigations
Minor None
14 Insecure Compiler Optimization
Major AffectedResource, Node_Relationship
Minor None
16 Configuration
Major Description, Node_Relationship
Minor None
17 Code
Major Description
Minor None
18 Source Code
Major Description
Minor None
19 Data Handling
Major Description
Minor None
20 Insufficient Input Validation
Major Name, Description, Node_Relationship
Minor None
21 Pathname Traversal and Equivalence Errors
Major Applicable_Platforms
Minor Description
22 Path Traversal
Major Description, Context_Notes, AffectedResource, Applicable_Platforms, Potential_Mitigations, Node_Relationship
Minor Weakness_Ordinality
23 Relative Path Traversal
Major Applicable_Platforms
Minor None
24 Path Issue - Dot Dot Slash - '../filedir'
Major Applicable_Platforms
Minor Name
25 Path Issue - Leading Dot Dot Slash - '/../filedir'
Major Applicable_Platforms
Minor Name
26 Path Issue - Leading Directory Dot Dot Slash - '/directory/../filename'
Major Applicable_Platforms
Minor Name
27 Path Issue - Directory Doubled Dot Dot Slash - 'directory/../../filename'
Major Applicable_Platforms
Minor Name
28 Path Issue - Dot Dot Backslash - '..\filename'
Major Applicable_Platforms
Minor Name
29 Path Issue - Leading Dot Dot Backslash - '\..\filename'
Major Applicable_Platforms
Minor Name
30 Path Issue - Leading Directory Dot Dot Backslash - '\directory\..\filename'
Major Applicable_Platforms
Minor Name
31 Path Issue - Directory Doubled Dot Dot Backslash - 'directory\..\..\filename'
Major Applicable_Platforms
Minor Name
32 Path Issue - Triple Dot - '...'
Major Applicable_Platforms
Minor Name
33 Path Issue - Multiple Dot - '....'
Major Applicable_Platforms
Minor Name
34 Path Issue - Doubled Dot Dot Slash - '....//'
Major Applicable_Platforms
Minor Name
35 Path Issue - Doubled Triple Dot Slash - '.../...//'
Major Applicable_Platforms
Minor Name
36 Absolute Path Traversal
Major Applicable_Platforms
Minor None
37 Path Issue - Slash Absolute Path - /absolute/pathname/here
Major Applicable_Platforms
Minor Name
38 Path Issue - Backslash Absolute Path - \absolute\pathname\here
Major Applicable_Platforms
Minor Name
39 Path Issue - Drive Letter or Windows Volume - 'C:dirname'
Major Applicable_Platforms
Minor Name
40 Path Issue - Windows UNC Share - '\\UNC\share\name\'
Major Applicable_Platforms
Minor Name
41 Path Equivalence
Major AffectedResource, Applicable_Platforms, Node_Relationship
Minor None
42 Path Issue - Trailing Dot - 'filedir.'
Major Applicable_Platforms
Minor Name
43 Path Issue - Multiple Trailing Dot - 'filedir....'
Major Applicable_Platforms
Minor Name
44 Path Issue - Internal Dot - 'file.ordir'
Major Applicable_Platforms
Minor Name, Context_Notes
45 Path Issue - Multiple Internal Dot - 'file...dir'
Major Applicable_Platforms
Minor Name, Context_Notes
46 Path Issue - Trailing Space - 'filedir '
Major Applicable_Platforms
Minor Name
47 Path Issue - Leading Space - ' filedir'
Major Applicable_Platforms
Minor Name
48 Path Issue - Internal Space - file(SPACE)name
Major Applicable_Platforms
Minor Name, Context_Notes
49 Path Issue - Trailing Slash - filedir/
Major Applicable_Platforms
Minor Name
50 Path Issue - Multiple Leading Slash - //multiple/leading/slash
Major Applicable_Platforms
Minor Name
51 Path Issue - Multiple Internal Slash - /multiple//internal/slash
Major Applicable_Platforms
Minor Name
52 Path Issue - Multiple Trailing Slash - /multiple/trailing/slash//
Major Applicable_Platforms
Minor Name
53 Path Issue - Multiple Internal Backslash - \multiple\\internal\backslash
Major Applicable_Platforms
Minor Name
54 Path Issue - Trailing Backslash - (filedir\)
Major Applicable_Platforms
Minor Name
55 Path Issue - Single Dot Directory - /./
Major Applicable_Platforms
Minor Name
56 Path Issue - Asterisk Wildcard - filedir*
Major Description, Applicable_Platforms
Minor Name
57 Path Issue - dirname/fakechild/../realchild/filename
Major Applicable_Platforms
Minor None
58 Path Issue - Windows 8.3 Filename
Major Applicable_Platforms
Minor None
59 Link Following
Major Context_Notes, Alternate_Terms, AffectedResource, Applicable_Platforms, Node_Relationship
Minor Description, Weakness_Ordinality
60 UNIX Path Link Problems
Major Description, Applicable_Platforms
Minor Name
61 UNIX Symbolic Link (Symlink) Following
Major Applicable_Platforms
Minor Name, Weakness_Ordinality
62 UNIX Hard Link
Major Applicable_Platforms
Minor Name, Weakness_Ordinality
63 Windows Path Link Problems
Major Description, Applicable_Platforms
Minor Name
64 Windows Shortcut Following (.LNK)
Major Applicable_Platforms
Minor Weakness_Ordinality
65 Windows Hard Link
Major Applicable_Platforms
Minor Name
66 Virtual Files
Major Applicable_Platforms
Minor None
67 Windows MS-DOS Device Names
Major AffectedResource, Applicable_Platforms, Node_Relationship
Minor Name, Weakness_Ordinality
68 Windows Virtual File Problems
Major Description, Applicable_Platforms
Minor Name
69 Windows ::DATA Alternate Data Stream
Major AffectedResource, Applicable_Platforms, Node_Relationship
Minor Name
70 Mac Virtual File Problems
Major Description, AffectedResource, Applicable_Platforms, Node_Relationship
Minor Name
71 Apple '.DS_Store'
Major Applicable_Platforms
Minor None
72 Apple HFS+ Alternate Data Stream
Major Applicable_Platforms
Minor Name
73 Path Manipulation
Major Applicable_Platforms
Minor Weakness_Ordinality
74 Injection
Major Applicable_Platforms
Minor Weakness_Ordinality, Common_Consequences
75 Special Element Injection
Major Applicable_Platforms
Minor None
76 Equivalent Special Element Injection
Major Applicable_Platforms
Minor Description, Weakness_Ordinality
77 Command Injection
Major Applicable_Platforms, Node_Relationship
Minor Weakness_Ordinality, Common_Consequences
78 OS Command Injection
Major Observed_Example, AffectedResource, Applicable_Platforms, Node_Relationship
Minor None
79 Cross-site Scripting (XSS)
Major Description, References, Context_Notes, Alternate_Terms, Applicable_Platforms, Potential_Mitigations, Common_Consequences, Node_Relationship
Minor Name, Weakness_Ordinality
80 Basic XSS
Major Applicable_Platforms, Node_Relationship
Minor Weakness_Ordinality
81 XSS in Error Pages
Major Applicable_Platforms
Minor Name, Description, Weakness_Ordinality
82 Script in IMG Tags
Major Applicable_Platforms
Minor Name
83 XSS using Script in Attributes
Major Applicable_Platforms
Minor Weakness_Ordinality
84 XSS using Script Via Encoded URI Schemes
Major Applicable_Platforms
Minor Weakness_Ordinality
85 Doubled Character XSS Manipulations
Major Name, Description, Applicable_Platforms
Minor Weakness_Ordinality
86 Invalid Characters in Identifiers
Major Applicable_Platforms
Minor None
87 Alternate XSS Syntax
Major Applicable_Platforms
Minor Name
88 Argument Injection or Modification
Major AffectedResource, Applicable_Platforms, Node_Relationship
Minor Context_Notes, Weakness_Ordinality
89 SQL Injection
Major Demonstrative_Example, Applicable_Platforms, Node_Relationship
Minor Name, Common_Consequences
90 LDAP Injection
Major Applicable_Platforms, Node_Relationship
Minor Name
91 XML Injection (aka Blind XPath Injection)
Major References, Context_Notes, Applicable_Platforms, Node_Relationship
Minor Name
92 Custom Special Character Injection
Major Applicable_Platforms
Minor Weakness_Ordinality
93 CRLF Injection
Major Applicable_Platforms, Node_Relationship
Minor Weakness_Ordinality
94 Code Injection
Major Description, Applicable_Platforms, Node_Relationship
Minor Research_Gaps
95 Direct Dynamic Code Evaluation ('Eval Injection')
Major Applicable_Platforms, Node_Relationship
Minor Weakness_Ordinality
96 Direct Static Code Injection
Major Context_Notes, AffectedResource, Applicable_Platforms, Node_Relationship
Minor Weakness_Ordinality
97 Server-Side Includes (SSI) Injection
Major Applicable_Platforms
Minor None
98 PHP File Inclusion
Major Research_Gaps, Alternate_Terms, AffectedResource, Node_Relationship
Minor Context_Notes
99 Resource Injection
Major Applicable_Platforms, Node_Relationship
Minor Weakness_Ordinality
100 Technology-Specific Input Validation Problems
Major Description
Minor None
101 Struts Validation Problems
Major Description
Minor Name
102 Struts: Duplicate Validation Forms
Major Description, Context_Notes, Demonstrative_Example
Minor Weakness_Ordinality
103 Struts: Incomplete validate() Method Definition
Major Name, Description, Context_Notes
Minor Weakness_Ordinality
104 Struts: Form Bean Does Not Extend Validation Class
Major Description, Context_Notes
Minor Weakness_Ordinality
105 Struts: Form Field Without Validator
Major Description, Context_Notes, Potential_Mitigations
Minor Weakness_Ordinality
106 Struts: Plug-in Framework not in Use
Major Description, Context_Notes, Weakness_Ordinality
Minor Name
107 Struts: Unused Validation Form
Major None
Minor Weakness_Ordinality
108 Struts: Unvalidated Action Form
Major None
Minor Weakness_Ordinality
109 Struts: Validator Turned Off
Major Description, Context_Notes, Potential_Mitigations
Minor Weakness_Ordinality
110 Struts: Validator Without Form Field
Major None
Minor Weakness_Ordinality
111 Unsafe JNI
Major Description, Context_Notes
Minor Weakness_Ordinality
112 Missing XML Validation
Major Applicable_Platforms
Minor Weakness_Ordinality
113 HTTP Response Splitting
Major Applicable_Platforms
Minor None
114 Process Control
Major AffectedResource, Applicable_Platforms, Potential_Mitigations, Node_Relationship
Minor None
115 Misinterpretation Error
Major Research_Gaps, Applicable_Platforms
Minor None
116 Output Validation
Major Description, Applicable_Platforms
Minor None
117 Log Forging
Major Applicable_Platforms
Minor Weakness_Ordinality
118 Range Errors
Major Description, Applicable_Platforms
Minor None
119 Buffer Errors
Major Description, AffectedResource, Node_Relationship
Minor None
120 Unbounded Transfer ('Classic Buffer Overflow')
Major AffectedResource, Potential_Mitigations, Node_Relationship
Minor Name, Weakness_Ordinality, Common_Consequences
121 Stack-based Buffer Overflow
Major Name, Description, Context_Notes, Demonstrative_Example, Alternate_Terms, Node_Relationship
Minor Weakness_Ordinality, Common_Consequences
122 Heap-based Buffer Overflow
Major Name, Context_Notes, AffectedResource, Node_Relationship
Minor Weakness_Ordinality, Common_Consequences
123 Write-what-where Condition
Major Context_Notes, Potential_Mitigations, Common_Consequences, Node_Relationship
Minor Name, Weakness_Ordinality
124 Boundary Beginning Violation ('Buffer Underwrite')
Major Description, References, Context_Notes, Research_Gaps, Demonstrative_Example, Observed_Example, Alternate_Terms, CVEs_Mentioned, Common_Consequences
Minor Name, Weakness_Ordinality
125 Out-of-bounds Read
Major None
Minor Weakness_Ordinality
126 Buffer Over-read
Major None
Minor Name, Weakness_Ordinality
127 Buffer Under-read
Major None
Minor Name, Weakness_Ordinality
128 Wrap-around Error
Major Applicable_Platforms
Minor Name, Weakness_Ordinality, Common_Consequences
129 Unchecked Array Indexing
Major AffectedResource, Node_Relationship
Minor Name, Weakness_Ordinality, Common_Consequences
130 Length Parameter Inconsistency
Major Applicable_Platforms
Minor Weakness_Ordinality
131 Other Length Calculation Error
Major None
Minor Name
132 Miscalculated Null Termination
Major Demonstrative_Example
Minor Name, Weakness_Ordinality, Common_Consequences
133 String Errors
Major Description
Minor None
134 Uncontrolled Format String
Major Name, AffectedResource, Applicable_Platforms, Common_Consequences, Node_Relationship
Minor Weakness_Ordinality
135 Improper String Length Checking
Major None
Minor Name
136 Type Errors
Major Description
Minor None
137 Representation Errors
Major Description
Minor None
138 Special Elements (Characters or Reserved Words)
Major Description
Minor None
139 General Special Element Problems
Major Description, Applicable_Platforms
Minor None
140 Delimiter Problems
Major Description
Minor None
141 Parameter Delimiter
Major Applicable_Platforms
Minor None
142 Value Delimiter
Major Applicable_Platforms
Minor None
143 Record Delimiter
Major Applicable_Platforms
Minor None
144 Line Delimiter
Major Applicable_Platforms
Minor None
145 Section Delimiter
Major Applicable_Platforms
Minor None
146 Delimiter between Expressions or Commands
Major Applicable_Platforms
Minor None
147 Input Terminator
Major Applicable_Platforms
Minor None
148 Input Leader
Major Description
Minor None
150 Escape, Meta, or Control Character / Sequence
Major Applicable_Platforms, Potential_Mitigations
Minor None
151 Comment Element
Major Applicable_Platforms
Minor None
152 Macro Symbol
Major Applicable_Platforms
Minor None
153 Substitution Character
Major Applicable_Platforms
Minor None
154 Variable Name Delimiter
Major Description, Applicable_Platforms
Minor None
155 Wildcard or Matching Element
Major Applicable_Platforms
Minor None
156 Whitespace
Major Applicable_Platforms
Minor None
157 Grouping Element / Paired Delimiter
Major Applicable_Platforms
Minor None
158 Null Character / Null Byte
Major Applicable_Platforms
Minor Description
159 Common Special Element Manipulations
Major Description, Applicable_Platforms
Minor Context_Notes, Research_Gaps
160 Leading Special Element
Major Applicable_Platforms
Minor None
161 Multiple Leading Special Elements
Major Applicable_Platforms
Minor None
162 Trailing Special Element
Major Applicable_Platforms
Minor None
163 Multiple Trailing Special Elements
Major Applicable_Platforms
Minor None
164 Internal Special Element
Major Applicable_Platforms
Minor None
165 Multiple Internal Special Elements
Major Applicable_Platforms
Minor None
166 Missing Special Element
Major Applicable_Platforms
Minor None
167 Extra Special Element
Major Applicable_Platforms
Minor None
168 Inconsistent Special Elements
Major Applicable_Platforms
Minor None
169 Technology-Specific Special Elements
Major Description, Applicable_Platforms
Minor None
170 Improper Null Termination
Major Context_Notes, Node_Relationship
Minor None
171 Cleansing, Canonicalization, and Comparison Errors
Major Description
Minor None
172 Encoding Error
Major Description
Minor None
178 Case Sensitivity (Lowercase, Uppercase, Mixed Case)
Major Research_Gaps, AffectedResource, Node_Relationship
Minor Name
184 Incomplete Blacklist
Major None
Minor Context_Notes
187 Partial Comparison
Major None
Minor Context_Notes
188 Reliance on Data Layout
Major None
Minor Name, Common_Consequences
189 Numeric Errors
Major Description, Node_Relationship
Minor None
190 Integer Overflow (Wrap or Wraparound)
Major Description, Node_Relationship
Minor Name, Common_Consequences
191 Integer Underflow (Wrap or Wraparound)
Major None
Minor Name
192 Integer Coercion Error
Major None
Minor Name, Common_Consequences
193 Off-by-one Error
Major References, Applicable_Platforms
Minor Common_Consequences
194 Sign Extension Error
Major None
Minor Name, Common_Consequences
195 Signed to Unsigned Conversion Error
Major None
Minor Name, Common_Consequences
196 Unsigned to Signed Conversion Error
Major None
Minor Name, Common_Consequences
197 Numeric Truncation Error
Major Context_Notes
Minor Name, Common_Consequences
198 Numeric Byte Ordering Error
Major Description, Applicable_Platforms
Minor None
199 Information Management Errors
Major Description, Applicable_Platforms, Node_Relationship
Minor None
200 Information Leak (Information Disclosure)
Major Description, Applicable_Platforms, Node_Relationship
Minor Name
201 Information Leak Through Sent Data
Major Applicable_Platforms
Minor None
202 Information Leak Through Data Queries
Major Applicable_Platforms
Minor Common_Consequences
203 Discrepancy Information Leaks
Major Applicable_Platforms
Minor None
204 Response Discrepancy Information Leak
Major Applicable_Platforms
Minor None
205 Behavioral Discrepancy Information Leak
Major Applicable_Platforms
Minor None
206 Internal Behavioral Inconsistency Information Leak
Major Applicable_Platforms
Minor None
207 External Behavioral Inconsistency Information Leak
Major Applicable_Platforms
Minor None
208 Timing Discrepancy Information Leak
Major Applicable_Platforms
Minor None
209 Error Message Information Leaks
Major Applicable_Platforms
Minor Common_Consequences
210