Categories

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as /abs/path that can resolve to a location that is outside of that directory.

The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.

The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize ../ sequences that can resolve to a location that is outside of that directory.

The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

The software receives a request, message, or directive from an upstream component, but the software does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the software's control sphere. This causes the software to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor.

The software does not neutralize or incorrectly neutralizes output that is written to logs.

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.

The code transmits data to another actor, but the data contains sensitive information that should not be accessible to the actor that is receiving the data.

The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.