CWE - Differences between 1.0.1 and 1.1

Home > CWE List > Reports > Differences between 1.0.1 and 1.1

Differences between 1.0.1 and 1.1

Differences between 1.0.1 and 1.1

Summary | Field Change Summary | Important Changes | Detailed Difference Report

Summary

Total (1.1)	751
Total (1.0.1)	735
Total new	16
Total deprecated	1
Total shared	735
Total important changes	115
Total major changes	140
Total minor changes	1
Total minor changes (no major)	1
Total unchanged	594

Field Change Summary

Any change with respect to whitespace is ignored. "Minor" changes are text changes that only affect capitalization and punctuation. Most other changes are marked as "Major." Simple schema changes are treated as Minor, such as the change from AffectedResource to Affected_Resource in Draft 8, or the relationship name change from "IsRequiredBy" to "RequiredBy" in Version 1.0. For each mutual relationship between nodes A and B (such as ParentOf and ChildOf), a relationship change is noted for both A and B.

Field	Major	Minor
Affected_Resources	1	0
Alternate_Terms	0	0
Applicable_Platforms	4	0
Background_Details	6	0
Black_Box_Definitions	0	0
Causal_Nature	0	0
Common_Consequences	9	0
Common_Methods_of_Exploitation	0	0
Context_Notes	0	0
Demonstrative_Examples	9	0
Description	21	0
Detection_Factors	3	0
Enabling_Factors_for_Exploitation	1	0
Functional_Areas	1	0
Likelihood_of_Exploit	0	0
Maintenance_Notes	3	0
Modes_of_Introduction	0	0
Name	6	0
Observed_Examples	25	0
Other_Notes	22	1
Potential_Mitigations	11	0
References	3	0
Related_Attack_Patterns	0	0
Relationship_Notes	4	0
Relationships	99	0
Relevant_Properties	0	0
Research_Gaps	0	0
Source_Taxonomy	0	0
Taxonomy_Mappings	90	0
Terminology_Notes	0	0
Theoretical_Notes	0	0
Time_of_Introduction	3	0
Type	2	0
View_Audience	0	0
View_Filter	0	0
View_Structure	0	0
View_Type	0	0
Weakness_Ordinalities	2	0
White_Box_Definitions	0	0

Form and Abstraction Changes

From	To	Total
Unchanged		733
Weakness/Base	Deprecated	1
Weakness/Variant	Weakness/Base	1

Relationship Changes

The "1.1 Total" lists the total number of relationships in 1.1. The "Shared" value is the total number of relationships in entries that were in both 1.1 and 1.0.1. The "New" value is the total number of relationships involving entries that did not exist in 1.0.1. Thus, the total number of relationships in 1.1 would combine stats from Shared entries and New entries.

Relationship	1.1 Total	1.0.1 Total	1.1 Shared	Unchanged	Added to 1.1	Removed from 1.1	1.1 New
ALL	4293	4025	4019	4009	10	16	274
CanAlsoBe	38	38	38	38
CanFollow	74	73	74	73	1
CanPrecede	74	73	74	73	1
ChildOf	1820	1702	1697	1694	3	8	123
HasMember	111	96	97	96	1		14
MemberOf	111	96	97	96	1		14
ParentOf	1820	1702	1697	1694	3	8	123
PeerOf	188	188	188	188
RequiredBy	27	27	27	27
Requires	27	27	27	27
StartsWith	3	3	3	3

Nodes Removed from 1.0.1

CWE-ID	CWE Name
None.

Nodes Added to 1.1

CWE-ID	CWE Name
734	Weaknesses Addressed by the CERT C Secure Coding Standard
735	CERT C Secure Coding Section 01 - Preprocessor (PRE)
736	CERT C Secure Coding Section 02 - Declarations and Initialization (DCL)
737	CERT C Secure Coding Section 03 - Expressions (EXP)
738	CERT C Secure Coding Section 04 - Integers (INT)
739	CERT C Secure Coding Section 05 - Floating Point (FLP)
740	CERT C Secure Coding Section 06 - Arrays (ARR)
741	CERT C Secure Coding Section 07 - Characters and Strings (STR)
742	CERT C Secure Coding Section 08 - Memory Management (MEM)
743	CERT C Secure Coding Section 09 - Input Output (FIO)
744	CERT C Secure Coding Section 10 - Environment (ENV)
745	CERT C Secure Coding Section 11 - Signals (SIG)
746	CERT C Secure Coding Section 12 - Error Handling (ERR)
747	CERT C Secure Coding Section 49 - Miscellaneous (MSC)
748	CERT C Secure Coding Section 50 - POSIX (POS)
749	Exposed Insecure Method or Function

Nodes Deprecated in 1.1

CWE-ID	CWE Name
423	DEPRECATED (Duplicate): Proxied Trusted Channel

Important Changes

A node change is labeled "important" if it is a major field change and the field is critical to the meaning of the node. The critical fields are description, name, and relationships.

Key
D	Description
N	Name
R	Relationships

D			11	ASP.NET Misconfiguration: Creating Debug Binary
D		R	14	Compiler Removal of Code to Clear Buffers
		R	20	Insufficient Input Validation
		R	22	Path Traversal
		R	37	Path Traversal: '/absolute/pathname/here'
		R	38	Path Traversal: '\absolute\pathname\here'
		R	39	Path Traversal: 'C:dirname'
		R	41	Failure to Resolve Path Equivalence
		R	59	Failure to Resolve Links Before File Access (aka 'Link Following')
		R	62	UNIX Hard Link
		R	64	Windows Shortcut Following (.LNK)
		R	65	Windows Hard Link
		R	67	Failure to Handle Windows Device Names
D	N		72	Failure to Handle Apple HFS+ Alternate Data Stream Path
		R	78	Failure to Sanitize Data into an OS Command (aka 'OS Command Injection')
		R	88	Argument Injection or Modification
D			103	Struts: Incomplete validate() Method Definition
D			108	Struts: Unvalidated Action Form
D			110	Struts: Validator Without Form Field
D			111	Direct Use of Unsafe JNI
D			112	Missing XML Validation
D			113	Failure to Sanitize CRLF Sequences in HTTP Headers (aka 'HTTP Response Splitting')
D			114	Process Control
D			117	Incorrect Output Sanitization for Logs
		R	119	Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer
		R	120	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
		R	128	Wrap-around Error
		R	129	Unchecked Array Indexing
		R	131	Incorrect Calculation of Buffer Size
		R	134	Uncontrolled Format String
		R	135	Incorrect Calculation of Multi-Byte String Length
		R	170	Improper Null Termination
		R	176	Failure to Handle Unicode Encoding
		R	190	Integer Overflow (Wrap or Wraparound)
		R	192	Integer Coercion Error
		R	193	Off-by-one Error
D	N	R	194	Unexpected Sign Extension
		R	197	Numeric Truncation Error
D			211	Product-External Error Message Information Leak
		R	226	Sensitive Information Uncleared Before Release
		R	241	Failure to Handle Wrong Data Type
		R	242	Use of Inherently Dangerous Function
		R	244	Failure to Clear Heap Memory Before Release (aka 'Heap Inspection')
		R	252	Unchecked Return Value
D			259	Hard-Coded Password
		R	267	Privilege Defined With Unsafe Actions
		R	272	Least Privilege Violation
		R	273	Failure to Check Whether Privileges Were Dropped Successfully
		R	276	Insecure Default Permissions
		R	279	Insecure Execution-assigned Permissions
		R	330	Use of Insufficiently Random Values
		R	362	Race Condition
		R	363	Race Condition Enabling Link Following
		R	365	Race Condition in Switch
		R	366	Race Condition within a Thread
		R	367	Time-of-check Time-of-use (TOCTOU) Race Condition
		R	369	Divide By Zero
		R	379	Creation of Temporary File in Directory with Insecure Permissions
D			390	Detection of Error Condition Without Action
		R	391	Unchecked Error Condition
		R	403	UNIX File Descriptor Leak
		R	404	Improper Resource Shutdown or Release
		R	415	Double Free
		R	416	Use After Free
		R	418	Channel Errors
D	N	R	423	DEPRECATED (Duplicate): Proxied Trusted Channel
		R	426	Untrusted Search Path
		R	435	Interaction Error
		R	441	Unintended Proxy/Intermediary
		R	462	Duplicate Key in Associative List (Alist)
		R	464	Addition of Data Structure Sentinel
		R	466	Return of Pointer Value Outside of Expected Range
		R	467	Use of sizeof() on a Pointer Type
		R	468	Incorrect Pointer Scaling
		R	469	Use of Pointer Subtraction to Determine Size
		R	476	NULL Pointer Dereference
		R	479	Unsafe Function Call from a Signal Handler
		R	480	Use of Incorrect Operator
		R	482	Comparing instead of Assigning
D	N		484	Omitted Break Statement in Switch
		R	485	Insufficient Encapsulation
D			493	Critical Public Variable Without Final Modifier
D	N		500	Public Static Field Not Marked Final
		R	528	Information Leak Through Core Dump Files
		R	544	Missing Error Handling Mechanism
D		R	547	Use of Hard-coded, Security-relevant Constants
		R	552	Files or Directories Accessible to External Parties
		R	561	Dead Code
		R	562	Return of Stack Variable Address
		R	563	Unused Variable
		R	570	Expression is Always False
		R	571	Expression is Always True
		R	587	Assignment of a Fixed Address to a Pointer
		R	590	Free of Invalid Pointer Not on the Heap
		R	591	Sensitive Data Storage in Improperly Locked Memory
	N	R	604	Deprecated Entries
		R	606	Unchecked Input for Loop Condition
		R	618	Exposed Unsafe ActiveX Method
		R	628	Function Call with Incorrectly Specified Arguments
		R	662	Insufficient Synchronization
		R	665	Incorrect or Incomplete Initialization
		R	667	Insufficient Locking
		R	668	Exposure of Resource to Wrong Sphere
		R	675	Duplicate Operations on Resource
		R	676	Use of Potentially Dangerous Function
D		R	681	Incorrect Conversion between Numeric Types
		R	682	Incorrect Calculation
		R	684	Failure to Provide Specified Functionality
		R	686	Function Call With Incorrect Argument Type
		R	687	Function Call With Incorrectly Specified Argument Value
		R	691	Insufficient Control Flow Management
		R	696	Incorrect Behavior Order
		R	697	Insufficient Comparison
		R	704	Incorrect Type Conversion or Cast
		R	705	Incorrect Control Flow Scoping

Detailed Difference Report

11	ASP.NET Misconfiguration: Creating Debug Binary
	Major	Description, Other_Notes
	Minor	None
12	ASP.NET Misconfiguration: Missing Custom Error Handling
	Major	Common_Consequences, Other_Notes, Potential_Mitigations
	Minor	None
14	Compiler Removal of Code to Clear Buffers
	Major	Applicable_Platforms, Description, Detection_Factors, Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings, Time_of_Introduction
	Minor	None
20	Insufficient Input Validation
	Major	Relationships, Taxonomy_Mappings
	Minor	None
22	Path Traversal
	Major	Relationships, Taxonomy_Mappings
	Minor	None
28	Path Traversal: '..\filedir'
	Major	Observed_Examples
	Minor	None
29	Path Traversal: '\..\filename'
	Major	Observed_Examples
	Minor	None
30	Path Traversal: '\dir\..\filename'
	Major	Observed_Examples
	Minor	None
32	Path Traversal: '...' (Triple Dot)
	Major	Observed_Examples
	Minor	None
35	Path Traversal: '.../...//'
	Major	Observed_Examples
	Minor	None
37	Path Traversal: '/absolute/pathname/here'
	Major	Observed_Examples, Relationships, Taxonomy_Mappings
	Minor	None
38	Path Traversal: '\absolute\pathname\here'
	Major	Observed_Examples, Relationships, Taxonomy_Mappings
	Minor	None
39	Path Traversal: 'C:dirname'
	Major	Relationships, Taxonomy_Mappings
	Minor	None
41	Failure to Resolve Path Equivalence
	Major	Relationships, Taxonomy_Mappings
	Minor	None
49	Path Equivalence: 'filename/' (Trailing Slash)
	Major	Observed_Examples
	Minor	None
59	Failure to Resolve Links Before File Access (aka 'Link Following')
	Major	Relationships, Taxonomy_Mappings
	Minor	None
62	UNIX Hard Link
	Major	Relationships, Taxonomy_Mappings
	Minor	None
64	Windows Shortcut Following (.LNK)
	Major	Relationships, Taxonomy_Mappings
	Minor	None
65	Windows Hard Link
	Major	Relationships, Taxonomy_Mappings
	Minor	None
67	Failure to Handle Windows Device Names
	Major	Relationships, Taxonomy_Mappings
	Minor	None
72	Failure to Handle Apple HFS+ Alternate Data Stream Path
	Major	Applicable_Platforms, Background_Details, Demonstrative_Examples, Description, Name, References
	Minor	None
78	Failure to Sanitize Data into an OS Command (aka 'OS Command Injection')
	Major	Observed_Examples, Relationships, Taxonomy_Mappings
	Minor	None
88	Argument Injection or Modification
	Major	Observed_Examples, Relationships, Taxonomy_Mappings
	Minor	None
89	Failure to Sanitize Data within SQL Queries (aka 'SQL Injection')
	Major	Observed_Examples
	Minor	None
103	Struts: Incomplete validate() Method Definition
	Major	Background_Details, Common_Consequences, Description, Other_Notes, Relationship_Notes
	Minor	None
104	Struts: Form Bean Does Not Extend Validation Class
	Major	Background_Details, Common_Consequences, Other_Notes
	Minor	None
108	Struts: Unvalidated Action Form
	Major	Common_Consequences, Description, Other_Notes
	Minor	None
110	Struts: Validator Without Form Field
	Major	Common_Consequences, Description, Other_Notes
	Minor	None
111	Direct Use of Unsafe JNI
	Major	Description, Other_Notes
	Minor	None
112	Missing XML Validation
	Major	Description, Other_Notes
	Minor	None
113	Failure to Sanitize CRLF Sequences in HTTP Headers (aka 'HTTP Response Splitting')
	Major	Description, Other_Notes
	Minor	None
114	Process Control
	Major	Description, Other_Notes
	Minor	None
117	Incorrect Output Sanitization for Logs
	Major	Background_Details, Common_Consequences, Description, Other_Notes, References
	Minor	None
119	Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer
	Major	Relationships, Taxonomy_Mappings
	Minor	None
120	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
	Major	Other_Notes, Relationships, Taxonomy_Mappings
	Minor	None
122	Heap-based Buffer Overflow
	Major	Common_Consequences, Other_Notes, Relationship_Notes
	Minor	None
123	Write-what-where Condition
	Major	Common_Consequences, Other_Notes
	Minor	None
128	Wrap-around Error
	Major	Relationships, Taxonomy_Mappings
	Minor	None
129	Unchecked Array Indexing
	Major	Relationships, Taxonomy_Mappings
	Minor	None
131	Incorrect Calculation of Buffer Size
	Major	Relationships, Taxonomy_Mappings
	Minor	None
134	Uncontrolled Format String
	Major	Relationships, Taxonomy_Mappings
	Minor	None
135	Incorrect Calculation of Multi-Byte String Length
	Major	Relationships, Taxonomy_Mappings
	Minor	None
158	Failure to Sanitize Null Byte or NUL Character
	Major	Observed_Examples
	Minor	None
170	Improper Null Termination
	Major	Relationships, Taxonomy_Mappings
	Minor	None
174	Double Decoding of the Same Data
	Major	Observed_Examples
	Minor	None
176	Failure to Handle Unicode Encoding
	Major	Relationships, Taxonomy_Mappings
	Minor	None
178	Failure to Resolve Case Sensitivity
	Major	Observed_Examples
	Minor	None
182	Collapse of Data Into Unsafe Value
	Major	Observed_Examples
	Minor	None
184	Incomplete Blacklist
	Major	Observed_Examples
	Minor	None
190	Integer Overflow (Wrap or Wraparound)
	Major	Relationships, Taxonomy_Mappings
	Minor	None
192	Integer Coercion Error
	Major	Relationships, Taxonomy_Mappings
	Minor	None
193	Off-by-one Error
	Major	Relationships, Taxonomy_Mappings
	Minor	None
194	Unexpected Sign Extension
	Major	Common_Consequences, Demonstrative_Examples, Description, Maintenance_Notes, Name, Observed_Examples, Potential_Mitigations, References, Relationship_Notes, Relationships
	Minor	None
197	Numeric Truncation Error
	Major	Relationships, Taxonomy_Mappings
	Minor	None
211	Product-External Error Message Information Leak
	Major	Description, Enabling_Factors_for_Exploitation, Functional_Areas, Observed_Examples, Other_Notes, Potential_Mitigations, Relationship_Notes, Weakness_Ordinalities
	Minor	None
226	Sensitive Information Uncleared Before Release
	Major	Relationships, Taxonomy_Mappings
	Minor	None
234	Failure to Handle Missing Parameter
	Major	Observed_Examples
	Minor	None
241	Failure to Handle Wrong Data Type
	Major	Relationships, Taxonomy_Mappings
	Minor	None
242	Use of Inherently Dangerous Function
	Major	Relationships, Taxonomy_Mappings
	Minor	None
244	Failure to Clear Heap Memory Before Release (aka 'Heap Inspection')
	Major	Relationships, Taxonomy_Mappings
	Minor	None
252	Unchecked Return Value
	Major	Relationships, Taxonomy_Mappings
	Minor	None
253	Misinterpreted Function Return Value
	Major	Demonstrative_Examples
	Minor	None
259	Hard-Coded Password
	Major	Demonstrative_Examples, Description, Maintenance_Notes, Other_Notes, Potential_Mitigations
	Minor	None
267	Privilege Defined With Unsafe Actions
	Major	Relationships
	Minor	None
272	Least Privilege Violation
	Major	Relationships, Taxonomy_Mappings
	Minor	None
273	Failure to Check Whether Privileges Were Dropped Successfully
	Major	Relationships, Taxonomy_Mappings
	Minor	None
276	Insecure Default Permissions
	Major	Relationships, Taxonomy_Mappings
	Minor	None
279	Insecure Execution-assigned Permissions
	Major	Relationships, Taxonomy_Mappings
	Minor	None
288	Authentication Bypass Using an Alternate Path or Channel
	Major	Observed_Examples
	Minor	None
289	Authentication Bypass by Alternate Name
	Major	Observed_Examples
	Minor	None
305	Authentication Bypass by Primary Weakness
	Major	Observed_Examples
	Minor	None
330	Use of Insufficiently Random Values
	Major	Relationships, Taxonomy_Mappings
	Minor	None
362	Race Condition
	Major	Relationships, Taxonomy_Mappings
	Minor	None
363	Race Condition Enabling Link Following
	Major	Relationships, Taxonomy_Mappings
	Minor	None
365	Race Condition in Switch
	Major	Relationships, Taxonomy_Mappings
	Minor	None
366	Race Condition within a Thread
	Major	Relationships, Taxonomy_Mappings
	Minor	None
367	Time-of-check Time-of-use (TOCTOU) Race Condition
	Major	Relationships, Taxonomy_Mappings
	Minor	None
369	Divide By Zero
	Major	Relationships, Taxonomy_Mappings
	Minor	None
379	Creation of Temporary File in Directory with Insecure Permissions
	Major	Relationships, Taxonomy_Mappings
	Minor	None
390	Detection of Error Condition Without Action
	Major	Demonstrative_Examples, Description, Other_Notes, Potential_Mitigations
	Minor	None
391	Unchecked Error Condition
	Major	Relationships, Taxonomy_Mappings
	Minor	None
403	UNIX File Descriptor Leak
	Major	Affected_Resources, Observed_Examples, Relationships, Taxonomy_Mappings
	Minor	None
404	Improper Resource Shutdown or Release
	Major	Relationships, Taxonomy_Mappings
	Minor	None
415	Double Free
	Major	Relationships, Taxonomy_Mappings
	Minor	None
416	Use After Free
	Major	Relationships, Taxonomy_Mappings
	Minor	None
418	Channel Errors
	Major	Relationships
	Minor	None
423	DEPRECATED (Duplicate): Proxied Trusted Channel
	Major	Applicable_Platforms, Description, Name, Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
	Minor	None
426	Untrusted Search Path
	Major	Relationships, Taxonomy_Mappings
	Minor	None
435	Interaction Error
	Major	Relationships
	Minor	None
439	Behavioral Change in New Version or Environment
	Major	Observed_Examples
	Minor	None
441	Unintended Proxy/Intermediary
	Major	Maintenance_Notes, Relationships, Taxonomy_Mappings, Time_of_Introduction
	Minor	None
462	Duplicate Key in Associative List (Alist)
	Major	Relationships, Taxonomy_Mappings
	Minor	None
464	Addition of Data Structure Sentinel
	Major	Relationships, Taxonomy_Mappings
	Minor	None
466	Return of Pointer Value Outside of Expected Range
	Major	Relationships, Taxonomy_Mappings
	Minor	None
467	Use of sizeof() on a Pointer Type
	Major	Relationships, Taxonomy_Mappings
	Minor	None
468	Incorrect Pointer Scaling
	Major	Relationships, Taxonomy_Mappings
	Minor	None
469	Use of Pointer Subtraction to Determine Size
	Major	Relationships, Taxonomy_Mappings
	Minor	None
476	NULL Pointer Dereference
	Major	Relationships, Taxonomy_Mappings
	Minor	None
479	Unsafe Function Call from a Signal Handler
	Major	Relationships, Taxonomy_Mappings
	Minor	None
480	Use of Incorrect Operator
	Major	Relationships, Taxonomy_Mappings
	Minor	None
482	Comparing instead of Assigning
	Major	Relationships, Taxonomy_Mappings
	Minor	None
484	Omitted Break Statement in Switch
	Major	Applicable_Platforms, Demonstrative_Examples, Description, Detection_Factors, Name, Other_Notes, Potential_Mitigations, Weakness_Ordinalities
	Minor	None
485	Insufficient Encapsulation
	Major	Relationships
	Minor	None
493	Critical Public Variable Without Final Modifier
	Major	Background_Details, Demonstrative_Examples, Description, Other_Notes, Potential_Mitigations
	Minor	None
500	Public Static Field Not Marked Final
	Major	Background_Details, Demonstrative_Examples, Description, Name, Other_Notes, Potential_Mitigations
	Minor	None
528	Information Leak Through Core Dump Files
	Major	Relationships, Taxonomy_Mappings
	Minor	None
539	Information Leak Through Persistent Cookies
	Major	None
	Minor	Other_Notes
544	Missing Error Handling Mechanism
	Major	Relationships, Taxonomy_Mappings
	Minor	None
547	Use of Hard-coded, Security-relevant Constants
	Major	Description, Potential_Mitigations, Relationships, Taxonomy_Mappings
	Minor	None
552	Files or Directories Accessible to External Parties
	Major	Relationships, Taxonomy_Mappings
	Minor	None
561	Dead Code
	Major	Relationships, Taxonomy_Mappings
	Minor	None
562	Return of Stack Variable Address
	Major	Relationships, Taxonomy_Mappings
	Minor	None
563	Unused Variable
	Major	Relationships, Taxonomy_Mappings
	Minor	None
570	Expression is Always False
	Major	Relationships, Taxonomy_Mappings
	Minor	None
571	Expression is Always True
	Major	Relationships, Taxonomy_Mappings
	Minor	None
587	Assignment of a Fixed Address to a Pointer
	Major	Relationships, Taxonomy_Mappings
	Minor	None
590	Free of Invalid Pointer Not on the Heap
	Major	Relationships, Taxonomy_Mappings
	Minor	None
591	Sensitive Data Storage in Improperly Locked Memory
	Major	Relationships, Taxonomy_Mappings
	Minor	None
604	Deprecated Entries
	Major	Name, Relationships
	Minor	None
606	Unchecked Input for Loop Condition
	Major	Relationships, Taxonomy_Mappings
	Minor	None
609	Double-Checked Locking
	Major	Demonstrative_Examples
	Minor	None
618	Exposed Unsafe ActiveX Method
	Major	Relationships, Type
	Minor	None
620	Unverified Password Change
	Major	Observed_Examples
	Minor	None
628	Function Call with Incorrectly Specified Arguments
	Major	Relationships, Taxonomy_Mappings
	Minor	None
662	Insufficient Synchronization
	Major	Relationships, Taxonomy_Mappings
	Minor	None
665	Incorrect or Incomplete Initialization
	Major	Relationships, Taxonomy_Mappings
	Minor	None
667	Insufficient Locking
	Major	Relationships, Taxonomy_Mappings
	Minor	None
668	Exposure of Resource to Wrong Sphere
	Major	Relationships
	Minor	None
675	Duplicate Operations on Resource
	Major	Relationships, Taxonomy_Mappings
	Minor	None
676	Use of Potentially Dangerous Function
	Major	Relationships, Taxonomy_Mappings
	Minor	None
681	Incorrect Conversion between Numeric Types
	Major	Description, Relationships, Taxonomy_Mappings
	Minor	None
682	Incorrect Calculation
	Major	Relationships, Taxonomy_Mappings
	Minor	None
684	Failure to Provide Specified Functionality
	Major	Relationships, Taxonomy_Mappings
	Minor	None
686	Function Call With Incorrect Argument Type
	Major	Relationships, Taxonomy_Mappings
	Minor	None
687	Function Call With Incorrectly Specified Argument Value
	Major	Relationships, Taxonomy_Mappings
	Minor	None
691	Insufficient Control Flow Management
	Major	Relationships
	Minor	None
696	Incorrect Behavior Order
	Major	Relationships, Taxonomy_Mappings
	Minor	None
697	Insufficient Comparison
	Major	Relationships, Taxonomy_Mappings
	Minor	None
704	Incorrect Type Conversion or Cast
	Major	Relationships, Taxonomy_Mappings
	Minor	None
705	Incorrect Control Flow Scoping
	Major	Relationships, Taxonomy_Mappings
	Minor	None
733	Compiler Optimization Removal or Modification of Security-critical Code
	Major	Detection_Factors
	Minor	None

Page Last Updated: January 05, 2017


	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2025, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.