Categories

CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS
CWE-424 Improper Protection of Alternate Path
The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
0 0 1 0 1
CWE-282 Improper Ownership Management
The software assigns the wrong ownership, or does not properly verify the ownership, of an object or resource.
0 0 1 0 1
CWE-395 Use of NullPointerException Catch to Detect NULL Pointer Dereference
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
0 0 1 0 1
CWE-35 Path Traversal: '.../...//'
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
0 0 1 0 1
CWE-524 Information Exposure Through Caching
The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere.
0 1 0 0 1
CWE-1258 Sensitive Information Uncleared During Hardware Debug Flows
The hardware does not fully clear security-sensitive values, such as keys and intermediate values in cryptographic operations, when debug mode is entered.
0 0 1 0 1
CWE-141 Improper Neutralization of Parameter/Argument Delimiters
The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter or argument delimiters when they are sent to a downstream component.
0 0 1 0 1
CWE-1288 Improper Validation of Consistency within Input
The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or incorrectly validates that the input is actually consistent.
0 0 0 1 1
CWE-146 Improper Neutralization of Expression/Command Delimiters
The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as expression or command delimiters when they are sent to a downstream component.
0 0 1 0 1
CWE-690 Unchecked Return Value to NULL Pointer Dereference
The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.
0 0 1 0 1