CWE-1308: CISQ Quality Measures - Security
ID
CWE-1308
Status
Incomplete
Weaknesses in this category are related to the CISQ Quality Measures for Security. Presence of these weaknesses could reduce the security of the software.
Relationships
View | Weakness | ||||||
---|---|---|---|---|---|---|---|
# ID | Name | # ID | Name | Abstraction | Structure | Status | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | Base | Simple | Stable | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') | Class | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | Base | Simple | Stable | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-90 | Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-91 | XML Injection (aka Blind XPath Injection) | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-99 | Improper Control of Resource Identifiers ('Resource Injection') | Class | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Class | Simple | Stable | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-129 | Improper Validation of Array Index | Variant | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-134 | Use of Externally-Controlled Format String | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-252 | Unchecked Return Value | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-404 | Improper Resource Shutdown or Release | Class | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-424 | Improper Protection of Alternate Path | Class | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-434 | Unrestricted Upload of File with Dangerous Type | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-477 | Use of Obsolete Function | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-480 | Use of Incorrect Operator | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-502 | Deserialization of Untrusted Data | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-570 | Expression is Always False | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-571 | Expression is Always True | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-606 | Unchecked Input for Loop Condition | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-611 | Improper Restriction of XML External Entity Reference | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-643 | Improper Neutralization of Data within XPath Expressions ('XPath Injection') | Base | Simple | Incomplete | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-652 | Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') | Base | Simple | Incomplete | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-662 | Improper Synchronization | Class | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-665 | Improper Initialization | Class | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-672 | Operation on a Resource after Expiration or Release | Class | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-681 | Incorrect Conversion between Numeric Types | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-682 | Incorrect Calculation | Pillar | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-732 | Incorrect Permission Assignment for Critical Resource | Class | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-778 | Insufficient Logging | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-783 | Operator Precedence Logic Error | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-789 | Memory Allocation with Excessive Size Value | Variant | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-79 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Base | Simple | Stable | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-798 | Use of Hard-coded Credentials | Base | Simple | Draft | |
CWE-1305 | CISQ Quality Measures (2020) | CWE-835 | Loop with Unreachable Exit Condition ('Infinite Loop') | Base | Simple | Incomplete |
Loading...