Versions Compared

Old Version 3

changes.mady.by.user Izabela Jarosz

Saved on

compared with

New Version 4

changes.mady.by.user Izabela Jarosz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

CWE Weaknesses On the Cusp 2024 Mapping

ID

Name/description

Parasoft rule ID(s)

CWE-770

Allocation of Resources Without Limits or Throttling

  • CWE.770.TDALLOC
  • CWE.770.ISTART

CWE-668

Exposure of Resource to Wrong Sphere

  • CWE.668.SENS
  • CWE.668.SENSLOG
  • CWE.668.TDINPUT
  • CWE.668.TDLIB
  • CWE.668.TDPASSWD
  • CWE.668.RR
  • CWE.668.UPWD
  • CWE.668.MFP
  • CWE.668.IMM
  • CWE.668.PSFA
  • CWE.668.PLAIN
  • CWE.668.SYSP
  • CWE.668.SPFF
  • CWE.668.CONSEN
  • CWE.668.PEO
  • CWE.668.RA
  • CWE.668.SIF
  • CWE.668.SIO
  • CWE.668.ATF
  • CWE.668.PCCF
  • CWE.668.PTPT
  • CWE.668.PWDPROP
  • CWE.668.PWDXML
  • CWE.668.UTAX
  • CWE.668.WCPWD
  • CWE.668.WPWD
  • CWE.668.ACPST
  • CWE.668.APIBS
  • CWE.668.ASNF
  • CWE.668.CFAP
  • CWE.668.CKTS
  • CWE.668.CLONE
  • CWE.668.EWSSEC
  • CWE.668.IDP
  • CWE.668.INNER
  • CWE.668.PBRTE
  • CWE.668.SCHTTP
  • CWE.668.SER
  • CWE.668.USC
  • CWE.668.UCO

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

  • CWE.74.EACM
  • CWE.74.TDCMD
  • CWE.74.TDCODE
  • CWE.74.TDDIG
  • CWE.74.TDJXPATH
  • CWE.74.TDLDAP
  • CWE.74.TDNET
  • CWE.74.TDRESP
  • CWE.74.TDSQL
  • CWE.74.TDXML
  • CWE.74.TDXPATH
  • CWE.74.TDXSS
  • CWE.74.VPPD
  • CWE.74.UPS
  • CWE.74.XPIJ
  • CWE.74.DCEMSL
  • CWE.74.ARXML
  • CWE.74.ASAPI
  • CWE.74.DFV

CWE-427

Uncontrolled Search Path Element

  • CWE.427.PBRTE

CWE-639

Authorization Bypass Through User-Controlled Key

  • N/A

CWE-532

Insertion of Sensitive Information into Log File

  • CWE.532.SENSLOG
  • CWE.532.CONSEN

CWE-732

Incorrect Permission Assignment for Critical Resource

  • CWE.732.ASNF
  • CWE.732.CFAP
  • CWE.732.IDP
  • CWE.732.SCHTTP

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

  • CWE.601.TDNET
  • CWE.601.TDRESP
  • CWE.601.VRD
  • CWE.601.UCO

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

  • CWE.362.TOCTOU
  • CWE.362.DCL

CWE-522

Insufficiently Protected Credentials

  • CWE.522.TDPASSWD
  • CWE.522.UPWD
  • CWE.522.PLAIN
  • CWE.522.PCCF
  • CWE.522.PTPT
  • CWE.522.PWDPROP
  • CWE.522.PWDXML
  • CWE.522.UTAX
  • CWE.522.WCPWD
  • CWE.522.WPWD
  • CWE.522.CKTS
  • CWE.522.USC

CWE-276

Incorrect Default Permissions

  • CWE.276.ASNF
  • CWE.276.CFAP

CWE-203

Observable Discrepancy

  • N/A

CWE-59

Improper Link Resolution Before File Access ('Link Following')

  • CWE.59.FOLLOW
  • CWE.59.LNK

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

  • CWE.843.EQUS

CWE-312

Cleartext Storage of Sensitive Information

  • CWE.312.PLAIN
  • CWE.312.PLC
  • CWE.312.PWDPROP

CWE Weaknesses On the Cusp 2023 Mapping

...