CWE-991: SFP Secondary Cluster: Tainted Input to Environment
ID
CWE-991
Status
Incomplete
This category identifies Software Fault Patterns (SFPs) within the Tainted Input to Environment cluster (SFP27).
Relationships
View | Weakness | ||||||
---|---|---|---|---|---|---|---|
# ID | Name | # ID | Name | Abstraction | Structure | Status | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-114 | Process Control | Class | Simple | Incomplete | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-427 | Uncontrolled Search Path Element | Base | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-470 | Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') | Base | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-471 | Modification of Assumed-Immutable Data (MAID) | Base | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-472 | External Control of Assumed-Immutable Web Parameter | Base | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-473 | PHP External Variable Modification | Variant | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-494 | Download of Code Without Integrity Check | Base | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-622 | Improper Validation of Function Hook Arguments | Variant | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-673 | External Influence of Sphere Definition | Class | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-94 | Improper Control of Generation of Code ('Code Injection') | Base | Simple | Draft |
Loading...