|
Common Quality EnumerationA Community-Developed Dictionary of Quality Issues |
|
|
|
CQE Glossary Definition |
 |
CQE-9199: Comprehensive Consequences View
Comprehensive Consequences View |
[an error occurred while processing this directive]
Definition in a New Window 
|
| View ID: 9199 | Maturity: Preliminary |
View DataView Objective
This view (slice) covers all the Consequences in CQE.
View Filter: name()='Consequence'
View Metrics| Formal CQE IDs (this view) | Micro Elements (this view) | Total Catalog | |||||
|---|---|---|---|---|---|---|---|
| Total Elements | 0 | out of | 160 | 26 | out of | 66 | 226 |
| Views | 0 | out of | 7 | 7 | |||
| Quality_Characteristics | 0 | out of | 41 | 41 | |||
| Quality_Issues | 0 | out of | 112 | 112 | |||
| Practices | 0 | out of | 40 | 40 | |||
| Consequences | 26 | out of | 26 | 26 | |||
View Components
View Components
A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
Arbitrary Code Execution |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9017 | Maturity: Preliminary |
DescriptionDescription Summary
Arbitrary Code Execution may result when programming logic or conditions allow code to be executed outside of expected functional parameters.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 79 | Cross-site Scripting Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 134 | Format String Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 434 | File Upload Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 798 | Hard-Coded Credentials Usage for Remote Authentication | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9063 | Authentication Practices | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9095 | File Upload Control | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9097 | Output Generation | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9129 | Output Formatting Control | Default Graph (primary)9001 |
Data Corruption |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9054 | Maturity: Preliminary |
DescriptionDescription Summary
Data Corruption may result when programming logic creates scenarios in which data is modified or removed in a manner inconsistent with expected parameters.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 22 | Path Traversal Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9049 | Array Indexing | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9078 | Memory Management | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9104 | Data Encapsulation | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9153 | Data Element Declared Public | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9181 | Method Containing Access of a Member Element from Another Class | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9183 | File Path Control | Default Graph (primary)9001 |
Deadlock |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9028 | Maturity: Preliminary |
DescriptionDescription Summary
Deadlock may result when processing is suspended while waiting on a currently locked resource to become available and unlocked. However, the lock is never released and the state remains locked.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 667 | Shared Resource Improper Locking | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9018 | Modules with Circular Dependencies | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9070 | Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9172 | State Protection | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9178 | Locking | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9192 | Singleton Class Instance Creation without Proper Lock Element Management | Default Graph (primary)9001 |
Degraded Comprehension |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9145 | Maturity: Preliminary |
DescriptionDescription Summary
Degraded Comprehension may result when conditions are too complex, disorderly, or non-sensical to be interpreted by human understanding.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 252 | Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource | Default Graph (primary)9001 |
| CanFollow | Is Issue | 396 | Declaration of Catch for Generic Exception | Default Graph (primary)9001 |
| CanFollow | Is Issue | 397 | Declaration of Throws for Generic Exception | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9007 | Architecture with Number of Horizontal Layers Outside of Expected Range | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9036 | Unrestricted Data Operations | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9052 | Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9093 | Invokable Control Element with Signature Containing an Excessive Number of Parameters | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9108 | Empty Exception Block | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9121 | Structured Programming | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9123 | Class with an Excessive Inheritance Level | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9124 | Layered Architectures | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9131 | Error/Exception Handling | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9134 | Unconditional Control Flow Transfer outside of Switch Block | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9137 | Unrestricted Parameters | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9160 | Invokable Control Element with Excessive File or Data Access Operations | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9184 | Use of Same Invokable Control Element in Multiple Architectural Layers | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9185 | Excessive Cyclomatic Complexity Within an Invokable Control Element | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9220 | Excessive Use of Unconditional Branching | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9222 | Excessive Cyclomatic Complexity | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9223 | Excessive Halstead Complexity | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9224 | Excessive Use of Self-Modifying Code | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9225 | Excessively Deep Nesting | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9227 | Declaration of Variable with Unnecessarily Wide Scope | Default Graph (primary)9001 |
Denial of Service |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9031 | Maturity: Preliminary |
DescriptionDescription Summary
Denial of Service may result if resources are exhausted at the time which they are called upon.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 672 | Expired or Released Resource Usage | Default Graph (primary)9001 |
| CanFollow | Is Issue | 772 | Missing Release of Resource after Effective Lifetime | Default Graph (primary)9001 |
Erroneous Behaviors |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9057 | Maturity: Preliminary |
DescriptionDescription Summary
Unpredictable or erroneous behaviors may result when programming logic, data, or conditions interact in a way that is outside of expected functional parameters.
RelationshipsExcessive Modification Effort |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9113 | Maturity: Preliminary |
DescriptionDescription Summary
Excessive Modification Effort may result when code, documentation, or other conditions are too complex, disorderly, or non-sensical to be understood and modified in a timely or efficient manner.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 9007 | Architecture with Number of Horizontal Layers Outside of Expected Range | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9011 | Use of Redundant Code | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9052 | Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9060 | Multiple Inheritance from Concrete Classes | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9079 | Unreachable Invokable Control Element | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9088 | Reuse | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9089 | Code Comments | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9123 | Class with an Excessive Inheritance Level | Default Graph9001 |
| CanFollow | Pr Practice | 9124 | Layered Architectures | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9131 | Error/Exception Handling | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9161 | Excessive Volume of Commented-out Code | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9165 | Class with Excessive Number of Child Classes | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9184 | Use of Same Invokable Control Element in Multiple Architectural Layers | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9225 | Excessively Deep Nesting | Default Graph9001 |
Excessive Propagation of Modification Impacts |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9141 | Maturity: Preliminary |
DescriptionDescription Summary
Excessive Propagation of Modification Impacts may result when modifications are used that cause complex outward dependencies, excess lines of code, or other unnecessarily complex behavior that impacts significant results downstream in the code.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Pr Practice | 9016 | Modular Development | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9018 | Modules with Circular Dependencies | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9024 | Callable and Method Control Element Number of Outward Calls | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9151 | Source Code File with Excessive Number of Lines of Code | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9190 | Loop Condition Value Update within the Loop | Default Graph (primary)9001 |
Excessive Resource Expenditure |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9039 | Maturity: Preliminary |
DescriptionDescription Summary
Excessive Resource Expenditure may result when code does not manage or utilize resources in an efficient manner.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 9004 | Static Member Data Element outside of a Singleton Class Element | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9005 | Data Element Aggregating an Excessively Large Number of Non-Primitive Elements | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9014 | Creation of Immutable Text Using String Concatenation | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9027 | Excessive Data Query Operations in a Large Data Table | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9041 | Excessive Platform Resource Consumption within a Loop | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9061 | Recursion | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9077 | Excessive Number of Data Accesses using Inefficient Procedures | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9083 | Iteration Control | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9090 | Initialization within a Static Code Block | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9094 | Resource Bounds | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9103 | Excessive Execution of Sequential Searches of Data Resource | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9105 | Data Access Constructs | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9112 | Allocation of Memory without Associated Release | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9116 | Data Resource Access without Use of Connection Pooling | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9122 | Non-SQL Named Callable and Method Control Element with Excessive Number of Data Resource Access | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9144 | Resource Monitoring | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9167 | Stored Procedures & Functions | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9175 | Excessive Number of Indices for a Large Data Table | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9176 | Coding Practices | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9182 | Use of Data Element without Invoking Deconstructor Method | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9187 | Excessive Index Range Scan for a Data Resource | Default Graph (primary)9001 |
Execution of Arbitrary Code |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9059 | Maturity: Preliminary |
Description
Description Summary
Exposed Functionality |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9035 | Maturity: Preliminary |
DescriptionDescription Summary
Exposed Functionality may result when the method or logic used in code, authentication, or other software components are exposed to unintended actors.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 798 | Hard-Coded Credentials Usage for Remote Authentication | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9063 | Authentication Practices | Default Graph (primary)9001 |
Exposed Resources |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9032 | Maturity: Preliminary |
DescriptionDescription Summary
Exposed Resources may result when CPU cycles, memory, file data and other components are exposed to unintended actors.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 798 | Hard-Coded Credentials Usage for Remote Authentication | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9063 | Authentication Practices | Default Graph (primary)9001 |
Failure |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9143 | Maturity: Preliminary |
DescriptionDescription Summary
Failure is a class of Consequences that includes any number of results due to unexpected parameters, conditions or logic during code execution.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 120 | Buffer Copy without Checking Size of Input | Default Graph (primary)9001 |
| CanFollow | Is Issue | 129 | Array Index Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 606 | Unchecked Input for Loop Condition | Default Graph (primary)9001 |
| CanFollow | Is Issue | 672 | Expired or Released Resource Usage | Default Graph (primary)9001 |
| CanFollow | Is Issue | 772 | Missing Release of Resource after Effective Lifetime | Default Graph (primary)9001 |
| CanFollow | Is Issue | 789 | Uncontrolled Memory Allocation | Default Graph (primary)9001 |
| CanFollow | Is Issue | 835 | Loop with Unreachable Exit Condition ('Infinite Loop') | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9006 | OS Command Execution | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9010 | Execution Status Control | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9026 | Remote System Call Blocking | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9042 | Initialization with Hard-Coded Network Resource Configuration Data | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9049 | Array Indexing | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9068 | Embedded Network Configuration | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9078 | Memory Management | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9083 | Iteration Control | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9085 | Numerical Conversion | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9173 | Synchronous Call Time-Out Absence | Default Graph (primary)9001 |
Increased (Access) Time |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9140 | Maturity: Preliminary |
DescriptionDescription Summary
Increased Access Time may result when code runs in an inefficient manner, resources are exhausted, or any number of conditions that take more than optimal cycles to complete.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 9069 | Data Access Operations Outside of Expected Data Manager Component | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9096 | Cache Maintenance | Default Graph (primary)9001 |
Information Disclosure |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9189 | Maturity: Preliminary |
DescriptionDescription Summary
Information Disclosure may result when sensitive data or feedback is unintentionally provided to unauthorized actors.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 134 | Format String Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9063 | Authentication Practices | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9129 | Output Formatting Control | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9183 | File Path Control | Default Graph (primary)9001 |
Livelock |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9082 | Maturity: Preliminary |
DescriptionDescription Summary
Livelock may result when processing is suspended while a resource's lock-state continues to change.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 9018 | Modules with Circular Dependencies | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9070 | Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9172 | State Protection | Default Graph (primary)9001 |
| CanFollow | Is Issue | 9192 | Singleton Class Instance Creation without Proper Lock Element Management | Default Graph (primary)9001 |
Loss of Data Integrity |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9038 | Maturity: Preliminary |
DescriptionDescription Summary
Loss of Data Integrity may result when accuracy and consistency of data degrades over its life-cycle, or when unexpectedly exposed to unauthorized actors.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 120 | Buffer Copy without Checking Size of Input | Default Graph (primary)9001 |
| CanFollow | Is Issue | 129 | Array Index Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 789 | Uncontrolled Memory Allocation | Default Graph (primary)9001 |
Math Error |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9146 | Maturity: Preliminary |
DescriptionDescription Summary
A Math Error may result when incorrect parameters are supplied to a mathematical function, the programming logic is incorrect in some way, or improper implementation of algorithms cause casting errors, precision errors, or other algorithmic errors.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 681 | Numeric Types Incorrect Conversion | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9085 | Numerical Conversion | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9170 | Initialization Practices | Default Graph (primary)9001 |
Memory Corruption |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9022 | Maturity: Preliminary |
DescriptionDescription Summary
Memory Corruption may result when array index bounds are not adhered to, or memory addresses are written to or modified directly.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 120 | Buffer Copy without Checking Size of Input | Default Graph (primary)9001 |
| CanFollow | Is Issue | 789 | Uncontrolled Memory Allocation | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9049 | Array Indexing | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9078 | Memory Management | Default Graph (primary)9001 |
Poisoned Data Usage |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9154 | Maturity: Preliminary |
Description
Description Summary
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 252 | Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource | Default Graph (primary)9001 |
| CanFollow | Is Issue | 396 | Declaration of Catch for Generic Exception | Default Graph (primary)9001 |
| CanFollow | Is Issue | 397 | Declaration of Throws for Generic Exception | Default Graph (primary)9001 |
Reduced Adaptability |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9132 | Maturity: Preliminary |
DescriptionDescription Summary
Adaptability may be reduced if variables are initialized or defined by hard-coded or set values embedded within the code.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 9046 | Excessive Use of Hard-Coded Literals in Initialization | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9142 | Hard-Coding | Default Graph (primary)9001 |
Resource Exhaustion |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9177 | Maturity: Preliminary |
DescriptionDescription Summary
Resource Exhaustion may result when a specific resource is expended and/or not replaced and remains unavailable.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 606 | Unchecked Input for Loop Condition | Default Graph (primary)9001 |
| CanFollow | Is Issue | 674 | Uncontrolled Recursion | Default Graph (primary)9001 |
| CanFollow | Is Issue | 772 | Missing Release of Resource after Effective Lifetime | Default Graph (primary)9001 |
| CanFollow | Is Issue | 788 | Memory Location Access After End of Buffer | Default Graph (primary)9001 |
| CanFollow | Is Issue | 835 | Loop with Unreachable Exit Condition ('Infinite Loop') | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9061 | Recursion | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9080 | Resource Lifecycle | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9083 | Iteration Control | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9085 | Numerical Conversion | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9094 | Resource Bounds | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9144 | Resource Monitoring | Default Graph (primary)9001 |
Security Vulnerabilities |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9058 | Maturity: Preliminary |
DescriptionDescription Summary
Security Vulnerabilities are a class of Consequences that includes any security-sensitive context that allows for code to perform outside of expected parameters.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 456 | Storable and Member Data Element Missing Initialization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 681 | Numeric Types Incorrect Conversion | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9085 | Numerical Conversion | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9129 | Output Formatting Control | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9170 | Initialization Practices | Default Graph (primary)9001 |
Unauthorized Access to Sensitive Information |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9152 | Maturity: Preliminary |
DescriptionDescription Summary
Unauthorized Access to Sensitive Information may result when improper access controls are implemented, resulting in data leaks or unauthorized parties accessing information.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 22 | Path Traversal Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 79 | Cross-site Scripting Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 89 | SQL Injection Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 99 | Name or Reference Resolution Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 120 | Buffer Copy without Checking Size of Input | Default Graph (primary)9001 |
| CanFollow | Is Issue | 129 | Array Index Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Is Issue | 327 | Broken or Risky Cryptographic Algorithm Usage | Default Graph (primary)9001 |
| CanFollow | Is Issue | 672 | Expired or Released Resource Usage | Default Graph (primary)9001 |
| CanFollow | Is Issue | 772 | Missing Release of Resource after Effective Lifetime | Default Graph (primary)9001 |
| CanFollow | Is Issue | 789 | Uncontrolled Memory Allocation | Default Graph (primary)9001 |
| CanFollow | Is Issue | 798 | Hard-Coded Credentials Usage for Remote Authentication | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9003 | SQL Command Execution | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9006 | OS Command Execution | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9049 | Array Indexing | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9063 | Authentication Practices | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9078 | Memory Management | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9097 | Output Generation | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9127 | Resource Identification Control | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9136 | Cryptography | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9183 | File Path Control | Default Graph (primary)9001 |
Unauthorized Code Execution |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9030 | Maturity: Preliminary |
DescriptionDescription Summary
Unauthorized Code Execution may result when improper access controls are implemented, resulting in code being executed by unprivileged actors.
Relationships| Nature | Type | ID | Name | View(s) this relationship pertains to View |
|---|---|---|---|---|
| CanFollow | Is Issue | 78 | OS Command Injection Improper Input Neutralization | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9006 | OS Command Execution | Default Graph (primary)9001 |
| CanFollow | Pr Practice | 9006 | OS Command Execution | Default Graph (primary)9001 |
Unexpected Behaviors |
[an error occurred while processing this directive]
Definition in a New Window
|
| Consequence ID: 9168 | Maturity: Preliminary |
Description
Description Summary
Relationships
