Categories

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.

The software does not handle or incorrectly handles an exceptional condition.