forked from microsoft/tslint-microsoft-contrib
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cwe_descriptions.json
44 lines (44 loc) · 2.39 KB
/
cwe_descriptions.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
{
"22": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"75": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)",
"79": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"85": "Doubled Character XSS Manipulations",
"88": "Argument Injection or Modification",
"95": "Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')",
"116": "Improper Encoding or Escaping of Output",
"157": "Failure to Sanitize Paired Delimiters",
"159": "Failure to Sanitize Special Element",
"242": "Use of Inherently Dangerous Function",
"315": "Cleartext Storage of Sensitive Information in a Cookie",
"319": "Cleartext Transmission of Sensitive Information",
"330": "Use of Insufficiently Random Values",
"351": "Insufficient Type Distinction",
"398": "Indicator of Poor Code Quality",
"453": "Insecure Default Variable Initialization",
"454": "External Initialization of Trusted Variables or Data Stores",
"456": "Missing Initialization of a Variable",
"462": "Duplicate Key in Associative List (Alist)",
"474": "Use of Function with Inconsistent Implementations",
"478": "Missing Default Case in Switch Statement",
"480": "Use of Incorrect Operator",
"481": "Assigning instead of Comparing",
"483": "Incorrect Block Delimitation",
"484": "Omitted Break Statement in Switch",
"539": "Information Exposure Through Persistent Cookies",
"546": "Suspicious Comment",
"563": "Assignment to Variable without Use ('Unused Variable')",
"565": "Reliance on Cookies without Validation and Integrity Checking",
"570": "Expression is Always False",
"571": "Expression is Always True",
"584": "Return Inside Finally Block",
"597": "Use of Wrong Operator in String Comparison",
"614": "Sensitive Cookie in HTTPS Session Without 'Secure' Attribute",
"670": "Always-Incorrect Control Flow Implementation",
"676": "Use of Potentially Dangerous Function",
"694": "Use of Multiple Resources with Duplicate Identifier",
"704": "Incorrect Type Conversion or Cast",
"705": "Incorrect Control Flow Scoping",
"710": "Coding Standards Violation",
"749": "Exposed Dangerous Method or Function",
"915": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
}