|
1 | 1 | "15","External Control of System or Configuration Setting" |
| 2 | +"19","Data Processing Errors" |
2 | 3 | "20","Improper Input Validation" |
3 | 4 | "22","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" |
4 | 5 | "23","Relative Path Traversal" |
|
26 | 27 | "123","Write-what-where Condition" |
27 | 28 | "124","Buffer Underwrite ('Buffer Underflow')" |
28 | 29 | "125","Out-of-bounds Read" |
| 30 | +"126","Buffer Over-read" |
29 | 31 | "128","Wrap-around Error" |
30 | 32 | "129","Improper Validation of Array Index" |
31 | 33 | "130","Improper Handling of Length Parameter Inconsistency" |
32 | 34 | "131","Incorrect Calculation of Buffer Size" |
33 | 35 | "134","Use of Externally-Controlled Format String" |
34 | 36 | "135","Incorrect Calculation of Multi-Byte String Length" |
| 37 | +"138","Improper Neutralization of Special Elements" |
35 | 38 | "140","Improper Neutralization of Delimiters" |
| 39 | +"153","Improper Neutralization of Substitution Characters" |
| 40 | +"154","Improper Neutralization of Variable Name Delimiters" |
| 41 | +"155","Improper Neutralization of Wildcards or Matching Symbols" |
| 42 | +"156","Improper Neutralization of Whitespace" |
36 | 43 | "166","Improper Handling of Missing Special Element" |
37 | 44 | "167","Improper Handling of Additional Special Element" |
38 | 45 | "168","Improper Handling of Inconsistent Special Elements" |
|
50 | 57 | "192","Integer Coercion Error" |
51 | 58 | "193","Off-by-one Error" |
52 | 59 | "194","Unexpected Sign Extension" |
| 60 | +"195","Signed to Unsigned Conversion Error" |
| 61 | +"196","Unsigned to Signed Conversion Error" |
53 | 62 | "197","Numeric Truncation Error" |
54 | 63 | "198","Use of Incorrect Byte Ordering" |
55 | 64 | "201","Insertion of Sensitive Information Into Sent Data" |
|
65 | 74 | "223","Omission of Security-relevant Information" |
66 | 75 | "224","Obscured Security-relevant Information by Alternate Name" |
67 | 76 | "226","Sensitive Information in Resource Not Removed Before Reuse" |
| 77 | +"227", "API Abuse" |
68 | 78 | "229","Improper Handling of Values" |
69 | 79 | "233","Improper Handling of Parameters" |
70 | 80 | "237","Improper Handling of Structural Elements" |
|
77 | 87 | "253","Incorrect Check of Function Return Value" |
78 | 88 | "256","Unprotected Storage of Credentials" |
79 | 89 | "257","Storing Passwords in a Recoverable Format" |
| 90 | +"259","Use of Hard-coded Password" |
80 | 91 | "260","Password in Configuration File" |
81 | 92 | "261","Weak Encoding for Password" |
82 | 93 | "262","Not Using Password Aging" |
|
185 | 196 | "433","Unparsed Raw Web Content Delivery" |
186 | 197 | "434","Unrestricted Upload of File with Dangerous Type" |
187 | 198 | "437","Incomplete Model of Endpoint Features" |
| 199 | +"438","Behavioral Problems" |
188 | 200 | "439","Behavioral Change in New Version or Environment" |
189 | 201 | "440","Expected Behavior Violation" |
190 | 202 | "444","Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')" |
|
245 | 257 | "569","Expression Issues" |
246 | 258 | "570","Expression is Always False" |
247 | 259 | "571","Expression is Always True" |
| 260 | +"572","Call to Thread run() instead of start()" |
248 | 261 | "573","Improper Following of Specification by Caller" |
249 | 262 | "580","clone() Method Without super.clone()" |
250 | 263 | "581","Object Model Violation: Just One of Equals and Hashcode Defined" |
|
287 | 300 | "664","Improper Control of a Resource Through its Lifetime" |
288 | 301 | "665","Improper Initialization" |
289 | 302 | "667", "Improper Locking" |
| 303 | +"670","Always-Incorrect Control Flow Implementation" |
290 | 304 | "672","Operation on a Resource after Expiration or Release" |
| 305 | +"674","Uncontrolled Recursion" |
291 | 306 | "676","Use of Potentially Dangerous Function" |
292 | 307 | "681","Incorrect Conversion between Numeric Types" |
293 | 308 | "682","Incorrect Calculation" |
294 | 309 | "683","Function Call With Incorrect Order of Arguments" |
295 | 310 | "685","Function Call With Incorrect Number of Arguments" |
296 | 311 | "686","Function Call With Incorrect Argument Type" |
297 | 312 | "688","Function Call With Incorrect Variable or Reference as Argument" |
| 313 | +"691","Insufficient Control Flow Management" |
298 | 314 | "694","Use of Multiple Resources with Duplicate Identifier" |
299 | 315 | "695","Use of Low-Level Functionality" |
300 | 316 | "697","Incorrect Comparison" |
|
366 | 382 | "1006","Bad Coding Practices" |
367 | 383 | "1007","Insufficient Visual Distinction of Homoglyphs Presented to User" |
368 | 384 | "1021","Improper Restriction of Rendered UI Layers or Frames" |
| 385 | +"1023","Incomplete Comparison with Missing Factors" |
369 | 386 | "1024","Comparison of Incompatible Types" |
370 | 387 | "1025","Comparison Using Wrong Factors" |
371 | 388 | "1037","Processor Optimization Removal or Modification of Security-critical Code" |
|
457 | 474 | "1240","Use of a Risky Cryptographic Primitive" |
458 | 475 | "1241","Use of Predictable Algorithm in Random Number Generator" |
459 | 476 | "1265","Unintended Reentrant Invocation of Non-reentrant Code Via Nested Calls" |
| 477 | +"9001","Low Level Non-security Compiler Warning" |
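Review bot: The added row `"227", "API Abuse"` (new line 77) has a space after the comma, unlike every other row this commit adds; a strict CSV parser treats a quote that does not open the field as literal data, so the name may load as ` "API Abuse"` with the leading space and quotes included. Writing it as `"227","API Abuse"` avoids depending on parser leniency. The existing `"667", "Improper Locking"` row has the same spacing, so the consumer may already tolerate it, but that is not visible on this page. Separately, `"9001"` looks like a project-local identifier rather than a published CWE entry; since CSV has no comment syntax, that is worth recording in the commit description or next to the loader so that a lookup of that ID against the CWE catalogue is not expected to succeed.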