Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE Individual Dictionary Definition (2.11)

CWE CATEGORY: Cleansing, Canonicalization, and Comparison Errors

Category ID: 171
Status: Draft
Description

Description Summary

Weaknesses in this category are related to improper handling of data within protection mechanisms that attempt to perform neutralization for untrusted data.
Applicable Platforms



Relationships

| Nature | Type | ID | Name | View(s) this relationship pertains to |
|---|---|---|---|---|
| ChildOf | Category | 137 | Representation Errors | Development Concepts (primary) 699; Weaknesses for Simplified Mapping of Published Vulnerabilities (primary) 1003 |
| ChildOf | Category | 845 | CERT Java Secure Coding Section 00 - Input Validation and Data Sanitization (IDS) | Weaknesses Addressed by the CERT Java Secure Coding Standard (primary) 844 |
| CanPrecede | Weakness Variant | 289 | Authentication Bypass by Alternate Name | Research Concepts 1000 |
| ParentOf | Weakness Class | 172 | Encoding Error | Development Concepts (primary) 699 |
| ParentOf | Weakness Base | 178 | Improper Handling of Case Sensitivity | Development Concepts (primary) 699 |
| ParentOf | Weakness Base | 179 | Incorrect Behavior Order: Early Validation | Development Concepts 699 |
| ParentOf | Weakness Base | 180 | Incorrect Behavior Order: Validate Before Canonicalize | Development Concepts 699 |
| ParentOf | Weakness Base | 181 | Incorrect Behavior Order: Validate Before Filter | Development Concepts 699 |
| ParentOf | Weakness Base | 182 | Collapse of Data into Unsafe Value | Development Concepts (primary) 699 |
| ParentOf | Weakness Base | 183 | Permissive Whitelist | Development Concepts (primary) 699 |
| ParentOf | Weakness Base | 184 | Incomplete Blacklist | Development Concepts (primary) 699 |
| ParentOf | Weakness Class | 185 | Incorrect Regular Expression | Development Concepts (primary) 699 |
| ParentOf | Weakness Base | 187 | Partial Comparison | Development Concepts (primary) 699 |
| ParentOf | Weakness Variant | 478 | Missing Default Case in Switch Statement | Development Concepts 699 |
| ParentOf | Weakness Variant | 486 | Comparison of Classes by Name | Development Concepts 699 |
| ParentOf | Weakness Base | 595 | Comparison of Object References Instead of Object Contents | Development Concepts 699 |
| ParentOf | Weakness Base | 596 | Incorrect Semantic Object Comparison | Development Concepts 699 |
| ParentOf | Weakness Class | 697 | Insufficient Comparison | Development Concepts (primary) 699 |
| ParentOf | Weakness Class | 707 | Improper Enforcement of Message or Data Structure | Development Concepts (primary) 699; Weaknesses for Simplified Mapping of Published Vulnerabilities (primary) 1003 |
| ParentOf | Weakness Variant | 768 | Incorrect Short Circuit Evaluation | Development Concepts (primary) 699 |
Taxonomy Mappings

| Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
|---|---|---|---|
| PLOVER | | | Cleansing, Canonicalization, and Comparison Errors |
| CERT Java Secure Coding | IDS02-J | | Canonicalize path names before validating them |
References
[REF-11] M. Howard and D. LeBlanc. "Writing Secure Code". 2nd Edition. Microsoft. 2002.
Content History

| Submission Date | Submitter | Organization | Source |
|---|---|---|---|
| | PLOVER | | Externally Mined |

| Modification Date | Modifier | Organization | Source | Changes |
|---|---|---|---|---|
| 2008-09-08 | CWE Content Team | MITRE | Internal | updated Relationships, Taxonomy_Mappings |
| 2009-05-27 | CWE Content Team | MITRE | Internal | updated Relationships |
| 2009-12-28 | CWE Content Team | MITRE | Internal | updated Applicable_Platforms |
| 2011-06-01 | CWE Content Team | MITRE | Internal | updated Description, Relationships, Taxonomy_Mappings |
| 2012-05-11 | CWE Content Team | MITRE | Internal | updated References, Related_Attack_Patterns, Taxonomy_Mappings |
| 2012-10-30 | CWE Content Team | MITRE | Internal | updated Potential_Mitigations |
| 2013-02-21 | CWE Content Team | MITRE | Internal | updated Potential_Mitigations |
| 2015-12-07 | CWE Content Team | MITRE | Internal | updated Relationships |
| 2017-01-19 | CWE Content Team | MITRE | Internal | updated Relationships |

Page Last Updated: May 05, 2017