CWE-310: Cryptographic Issues
ID
CWE-310
Status
Draft
Number of CVEs
2482
Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. The weaknesses in this category could lead to a degradation of the quality data if they are not addressed.
Relationships
| View | Weakness | ||||||
|---|---|---|---|---|---|---|---|
| # ID | Name | # ID | Name | Abstraction | Structure | Status | |
| CWE-699 | Software Development | CWE-261 | Weak Encoding for Password | Base | Simple | Incomplete | |
| CWE-699 | Software Development | CWE-324 | Use of a Key Past its Expiration Date | Base | Simple | Draft | |
| CWE-699 | Software Development | CWE-325 | Missing Cryptographic Step | Base | Simple | Draft | |
| CWE-699 | Software Development | CWE-328 | Use of Weak Hash | Base | Simple | Draft | |
| CWE-699 | Software Development | CWE-331 | Insufficient Entropy | Base | Simple | Draft | |
| CWE-699 | Software Development | CWE-334 | Small Space of Random Values | Base | Simple | Draft | |
| CWE-699 | Software Development | CWE-335 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) | Base | Simple | Draft | |
| CWE-699 | Software Development | CWE-338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) | Base | Simple | Draft | |
| CWE-699 | Software Development | CWE-347 | Improper Verification of Cryptographic Signature | Base | Simple | Draft | |
| CWE-699 | Software Development | CWE-916 | Use of Password Hash With Insufficient Computational Effort | Base | Simple | Incomplete | |
| CWE-699 | Software Development | CWE-1204 | Generation of Weak Initialization Vector (IV) | Base | Simple | Incomplete | |
| CWE-699 | Software Development | CWE-1240 | Use of a Cryptographic Primitive with a Risky Implementation | Base | Simple | Draft | |
CVEs Published
CVSS Severity
CVSS Severity - By Year
CVSS Base Score
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |
Loading...