Common Weakness Enumeration (CWE) Checklist

For C / C++ code, the CWE Checklist provides guided checklist review of the following rules. The ◄ symbol indicates rules where the Advanced edition of Imagix 4D provides more automated checking. The subset of these rules that are supported for Java code are identified by the ☉ symbol.

This checklist together with Imagix 4D is certified as CWE compatible by the CWE organization. A listing of this support is available as a CWE Coverage Claims Representation.

Each major and many minor releases of Imagix 4D add support for any CWE versions that have been released since the last such update. Currently, all CWE versions from 2.8 up through 3.3 are supported.

CWE Rules

CWE-14Compiler Removal of Code to Clear Buffers
CWE-20 ☉Improper Input Validation
CWE-22 ☉Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-23 ☉Relative Path Traversal
CWE-24 ☉Path Traversal: '../filedir'
CWE-25 ☉Path Traversal: '/../filedir'
CWE-26 ☉Path Traversal: '/dir/../filename'
CWE-27 ☉Path Traversal: 'dir/../../filename'
CWE-28 ☉Path Traversal: '..\filedir'
CWE-29 ☉Path Traversal: '\..\filename'
CWE-30 ☉Path Traversal: '\dir\..\filename'
CWE-31 ☉Path Traversal: 'dir\..\..\filename'
CWE-32 ☉Path Traversal: '...' (Triple Dot)
CWE-33 ☉Path Traversal: '....' (Multiple Dot)
CWE-34 ☉Path Traversal: '....//'
CWE-35 ☉Path Traversal: '.../...//'
CWE-36 ☉Absolute Path Traversal
CWE-37 ☉Path Traversal: '/absolute/pathname/here'
CWE-38 ☉Path Traversal: '\absolute\pathname\here'
CWE-39 ☉Path Traversal: 'C:dirname'
CWE-40 ☉Path Traversal: '\\UNC\share\name\' (Windows UNC Share)
CWE-41 ☉Improper Resolution of Path Equivalence
CWE-51 ☉Path Equivalence: '/multiple//internal/slash'
CWE-55 ☉Path Equivalence: '/./' (Single Dot Directory)
CWE-57 ☉Path Equivalence: 'fakedir/../realdir/filename'
CWE-59 ☉Improper Link Resolution Before File Access ('Link Following')
CWE-61UNIX Symbolic Link (Symlink) Following
CWE-62UNIX Hard Link
CWE-73External Control of File Name or Path
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component('Injection')
CWE-75Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
CWE-76Improper Neutralization of Equivalent Special Elements
CWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS CommandInjection')
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-88Argument Injection or Modification
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-90Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
CWE-91XML Injection (aka Blind XPath Injection)
CWE-93Improper Neutralization of CRLF Sequences ('CRLF Injection')
CWE-94Improper Control of Generation of Code ('Code Injection')
CWE-95Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CWE-96Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE-97Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
CWE-99Improper Control of Resource Identifiers ('Resource Injection')
CWE-114Process Control
CWE-116Improper Encoding or Escaping of Output
CWE-117Improper Output Neutralization for Logs
CWE-123Write-what-where Condition
CWE-134Use of Externally-Controlled Format String
CWE-135Incorrect Calculation of Multi-Byte String Length
CWE-138Improper Neutralization of Special Elements
CWE-140Improper Neutralization of Delimiters
CWE-141Improper Neutralization of Parameter/Argument Delimiters
CWE-142Improper Neutralization of Value Delimiters
CWE-143Improper Neutralization of Record Delimiters
CWE-144Improper Neutralization of Line Delimiters
CWE-145Improper Neutralization of Section Delimiters
CWE-146Improper Neutralization of Expression/Command Delimiters
CWE-147Improper Neutralization of Input Terminators
CWE-148Improper Neutralization of Input Leaders
CWE-149Improper Neutralization of Quoting Syntax
CWE-150Improper Neutralization of Escape, Meta, or Control Sequences
CWE-151Improper Neutralization of Comment Delimiters
CWE-152Improper Neutralization of Macro Symbols
CWE-153Improper Neutralization of Substitution Characters
CWE-154Improper Neutralization of Variable Name Delimiters
CWE-155Improper Neutralization of Wildcards or Matching Symbols
CWE-156Improper Neutralization of Whitespace
CWE-157Failure to Sanitize Paired Delimiters
CWE-158Improper Neutralization of Null Byte or NUL Character
CWE-159Failure to Sanitize Special Element
CWE-160Improper Neutralization of Leading Special Elements
CWE-161Improper Neutralization of Multiple Leading Special Elements
CWE-162Improper Neutralization of Trailing Special Elements
CWE-163Improper Neutralization of Multiple Trailing Special Elements
CWE-164Improper Neutralization of Internal Special Elements
CWE-165Improper Neutralization of Multiple Internal Special Elements
CWE-166Improper Handling of Missing Special Element
CWE-167Improper Handling of Additional Special Element
CWE-168Improper Handling of Inconsistent Special Elements
CWE-172Encoding Error
CWE-173Improper Handling of Alternate Encoding
CWE-174Double Decoding of the Same Data
CWE-175Improper Handling of Mixed Encoding
CWE-176Improper Handling of Unicode Encoding
CWE-177Improper Handling of URL Encoding (Hex Encoding)
CWE-178Improper Handling of Case Sensitivity
CWE-179Incorrect Behavior Order: Early Validation
CWE-180Incorrect Behavior Order: Validate Before Canonicalize
CWE-181Incorrect Behavior Order: Validate Before Filter
CWE-182Collapse of Data into Unsafe Value
CWE-184 ☉Incomplete Blacklist
CWE-185Incorrect Regular Expression
CWE-186Overly Restrictive Regular Expression
CWE-187Partial Comparison
CWE-188 ☉Reliance on Data/Memory Layout
CWE-200Information Exposure
CWE-201Information Exposure Through Sent Data
CWE-203Information Exposure Through Discrepancy
CWE-204Response Discrepancy Information Exposure
CWE-209Information Exposure Through an Error Message
CWE-210Information Exposure Through Self-generated Error Message
CWE-211Information Exposure Through Externally-generated Error Message
CWE-212Improper Cross-boundary Removal of Sensitive Data
CWE-215Information Exposure Through Debug Information
CWE-216Containment Errors (Container Errors)
CWE-227 ☉Improper Fulfillment of API Contract ('API Abuse')
CWE-241Improper Handling of Unexpected Data Type
CWE-252Unchecked Return Value
CWE-253Incorrect Check of Function Return Value
CWE-273Improper Check for Dropped Privileges
CWE-311Missing Encryption of Sensitive Data
CWE-319Cleartext Transmission of Sensitive Information
CWE-354Improper Validation of Integrity Check Value
CWE-364 ◄Signal Handler Race Condition
CWE-365 ◄Race Condition in Switch
CWE-374Passing Mutable Objects to an Untrusted Method
CWE-375Returning a Mutable Object to an Untrusted Caller
CWE-378Creation of Temporary File With Insecure Permissions
CWE-379Creation of Temporary File in Directory with Incorrect Permissions
CWE-390Detection of Error Condition Without Action
CWE-391Unchecked Error Condition
CWE-394Unexpected Status Code or Return Value
CWE-405 ◄Asymmetric Resource Consumption (Amplification)
CWE-406Insufficient Control of Network Message Volume (Network Amplification)
CWE-407 ☉Algorithmic Complexity
CWE-408 ◄Incorrect Behavior Order: Early Amplification
CWE-409Improper Handling of Highly Compressed Data (Data Amplification)
CWE-410Insufficient Resource Pool
CWE-412 ◄Unrestricted Externally Accessible Lock
CWE-413 ◄Improper Resource Locking
CWE-414 ◄Missing Lock Check
CWE-430Deployment of Wrong Handler
CWE-431Missing Handler
CWE-432 ◄Dangerous Signal Handler not Disabled During Sensitive Operations
CWE-447 ☉Unimplemented or Unsupported Feature in UI
CWE-453Insecure Default Variable Initialization
CWE-454External Initialization of Trusted Variables or Data Stores
CWE-455Non-exit on Failed Initialization
CWE-456Missing Initialization of a Variable
CWE-460Improper Cleanup on Thrown Exception
CWE-462Duplicate Key in Associative List (Alist)
CWE-463Deletion of Data Structure Sentinel
CWE-464Addition of Data Structure Sentinel
CWE-470Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
CWE-472External Control of Assumed-Immutable Web Parameter
CWE-474 ☉Use of Function with Inconsistent Implementations
CWE-479 ◄Signal Handler Use of a Non-reentrant Function
CWE-488 ◄Exposure of Data Element to Wrong Session
CWE-489 ☉Leftover Debug Code
CWE-493 ☉Critical Public Variable Without Final Modifier
CWE-494Download of Code Without Integrity Check
CWE-496Public Data Assigned to Private Array-Typed Field
CWE-497Exposure of System Data to an Unauthorized Control Sphere
CWE-498 ☉Cloneable Class Containing Sensitive Information
CWE-500 ☉Public Static Field Not Marked Final
CWE-502 ☉Deserialization of Untrusted Data
CWE-506 ☉Embedded Malicious Code
CWE-507 ☉Trojan Horse
CWE-508Non-Replicating Malicious Code
CWE-509 ☉Replicating Malicious Code (Virus or Worm)
CWE-511 ☉Logic/Time Bomb
CWE-512 ☉Spyware
CWE-524 ☉Information Exposure Through Caching
CWE-526Information Exposure Through Environmental Variables
CWE-538File and Directory Information Exposure
CWE-539 ☉Information Exposure Through Persistent Cookies
CWE-543 ◄Use of Singleton Pattern Without Synchronization in a Multithreaded Context
CWE-544Missing Standardized Error Handling Mechanism
CWE-546 ☉Suspicious Comment
CWE-548 ☉Information Exposure Through Directory Listing
CWE-584Return Inside Finally Block
CWE-587Assignment of a Fixed Address to a Pointer
CWE-591Sensitive Data Storage in Improperly Locked Memory
CWE-595Comparison of Object References Instead of Object Contents
CWE-598Information Exposure Through Query Strings in GET Request
CWE-605Multiple Binds to the Same Port
CWE-622 ☉Improper Validation of Function Hook Arguments
CWE-636 ☉Not Failing Securely ('Failing Open')
CWE-637 ☉Unnecessary Complexity in Protection Mechanism (Not Using 'Economy of Mechanism')
CWE-638Not Using Complete Mediation
CWE-641Improper Restriction of Names for Files and Other Resources
CWE-643Improper Neutralization of Data within XPath Expressions ('XPath Injection')
CWE-652Improper Neutralization of Data within XQuery Expressions ('XQuery Injection')
CWE-663 ◄Use of a Non-reentrant Function in a Concurrent Context
CWE-664Improper Control of a Resource Through its Lifetime
CWE-666 ☉Operation on Resource in Wrong Phase of Lifetime
CWE-674 ☉Uncontrolled Recursion
CWE-688Function Call With Incorrect Variable or Reference as Argument
CWE-694Use of Multiple Resources with Duplicate Identifier
CWE-754Improper Check for Unusual or Exceptional Conditions
CWE-759Use of a One-Way Hash without a Salt
CWE-761Free of Pointer not at Start of Buffer
CWE-765 ◄Multiple Unlocks of a Critical Resource
CWE-767Access to Critical Private Variable via Public Method
CWE-773 ◄Missing Reference to Active File Descriptor or Handle
CWE-774 ◄Allocation of File Descriptors or Handles Without Limits or Throttling
CWE-777Regular Expression without Anchors
CWE-785Use of Path Manipulation Function without Maximum-sized Buffer
CWE-789Uncontrolled Memory Allocation
CWE-806Buffer Access Using Size of Source Buffer
CWE-828 ◄Signal Handler with Functionality that is not Asynchronous-Safe
CWE-909Missing Initialization of Resource
CWE-912Hidden Functionality
CWE-913Improper Control of Dynamically-Managed Code Resources
CWE-914Improper Control of Dynamically-Identified Variables
CWE-915Improperly Controlled Modification of Dynamically-Determined Object Attributes
CWE-916 ☉Use of Password Hash With Insufficient Computational Effort
CWE-940 ☉Improper Verification of Source of a Communication Channel
CWE-943Improper Neutralization of Special Elements in Data Query Logic