EN JP CN

2020 CWE Top 25 Most Dangerous Software Errors mapped to Klocwork checkers

Rank	CWE ID	Description	Klocwork Issue Code
1	79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	C/C++: SV.TAINTED.XSS.REFLECTED Java: SV.XSS.DB SV.XSS.REF
2	787	Out-of-bounds Write	C/C++: ABV.ANY_SIZE_ARRAY ABV.GENERAL ABV.ITERATOR ABV.MEMBER ABV.STACK ABV.TAINTED ABV.UNICODE.BOUND_MAP ABV.UNICODE.FAILED_MAP ABV.UNICODE.NNTS_MAP ABV.UNICODE.SELF_MAP ABV.UNKNOWN_SIZE NNTS.MIGHT NNTS.MUST NNTS.TAINTED RABV.CHECK RN.INDEX SV.FMT_STR.BAD_SCAN_FORMAT SV.STRBO.BOUND_COPY.OVERFLOW SV.STRBO.BOUND_COPY.UNTERM SV.STRBO.BOUND_SPRINTF SV.STRBO.UNBOUND_COPY SV.STRBO.UNBOUND_SPRINTF SV.UNBOUND_STRING_INPUT.CIN SV.UNBOUND_STRING_INPUT.FUNC
3	20	Improper Input Validation	C/C++: ABV.TAINTED NNTS.TAINTED SV.TAINTED.ALLOC_SIZE SV.TAINTED.CALL.DEREF SV.TAINTED.CALL.INDEX_ACCESS SV.TAINTED.CALL.LOOP_BOUND SV.TAINTED.DEREF SV.TAINTED.FMTSTR SV.TAINTED.INDEX_ACCESS SV.TAINTED.LOOP_BOUND SV.TAINTED.PATH_TRAVERSAL SV.TAINTED.SECURITY_DECISION SV.TAINTED.BINOP SV.TAINTED.CALL.BINOP SV.CODE_INJECTION.SHELL_EXEC SV.TAINTED.INJECTION C#: CS.SQL.INJECT.LOCAL CS.SV.TAINTED.ALLOC_SIZE CS.SV.TAINTED.CALL.GLOBAL CS.SV.TAINTED.CALL.INDEX_ACCESS CS.SV.TAINTED.CALL.LOOP_BOUND CS.SV.TAINTED.CALL.LOOP_BOUND.RESOURCE CS.SV.TAINTED.DESERIALIZATION CS.SV.TAINTED.FMTSTR CS.SV.TAINTED.GLOBAL CS.SV.TAINTED.INDEX_ACCESS CS.SV.TAINTED.INJECTION CS.SV.TAINTED.LOOP_BOUND CS.SV.TAINTED.PATH_TRAVERSAL Java: ANDROID.LIFECYCLE.SV.GETEXTRA SV.DOS.ARRINDEX SV.LOADLIB.INJ SV.STRUTS.NOTVALID SV.STRUTS.VALIDMET SV.TAINT SV.TAINT_NATIVE
4	125	Out-of-bounds Read	C/C++: ABV.ANY_SIZE_ARRAY ABV.GENERAL ABV.ITERATOR ABV.MEMBER ABV.STACK ABV.TAINTED ABV.UNICODE.BOUND_MAP ABV.UNICODE.FAILED_MAP ABV.UNICODE.NNTS_MAP ABV.UNICODE.SELF_MAP ABV.UNKNOWN_SIZE NNTS.MIGHT NNTS.MUST NNTS.TAINTED RABV.CHECK RN.INDEX SV.FMT_STR.BAD_SCAN_FORMAT SV.STRBO.BOUND_COPY.OVERFLOW SV.STRBO.BOUND_COPY.UNTERM SV.STRBO.BOUND_SPRINTF SV.STRBO.UNBOUND_COPY SV.STRBO.UNBOUND_SPRINTF SV.UNBOUND_STRING_INPUT.CIN SV.UNBOUND_STRING_INPUT.FUNC
5	119	Improper Restriction of Operations within the Bounds of a Memory Buffer	C/C++: ABV.ANY_SIZE_ARRAY ABV.GENERAL ABV.ITERATOR ABV.MEMBER ABV.STACK ABV.TAINTED ABV.UNICODE.BOUND_MAP ABV.UNICODE.FAILED_MAP ABV.UNICODE.NNTS_MAP ABV.UNICODE.SELF_MAP ABV.UNKNOWN_SIZE NNTS.MIGHT NNTS.MUST NNTS.TAINTED RABV.CHECK RN.INDEX SV.FMT_STR.BAD_SCAN_FORMAT SV.STRBO.BOUND_COPY.OVERFLOW SV.STRBO.BOUND_COPY.UNTERM SV.STRBO.BOUND_SPRINTF SV.STRBO.UNBOUND_COPY SV.STRBO.UNBOUND_SPRINTF SV.UNBOUND_STRING_INPUT.CIN SV.UNBOUND_STRING_INPUT.FUNC C#: CS.SV.TAINTED.INDEX_ACCESS CS.SV.TAINTED.CALL.INDEX_ACCESS
6	89	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')	C#: CS.SQL.INJECT.LOCAL Java: SV.DATA.DB SV.SQL SV.SQL.DBSOURCE
7	200	Information Exposure	C/C++: SPECTRE.VARIANT1 C#: CS.INFORMATION_EXPOSURE.ALL CS.INFORMATION_EXPOSURE.ATTR Java: SV.IL.DEV SV.IL.FILE SV.SENSITIVE.DATA SV.SENSITIVE.OBJ
8	416	Use After Free	C/C++: CL.FFM.ASSIGN CL.FFM.COPY CL.SELF-ASSIGN CL.SHALLOW.ASSIGN CL.SHALLOW.COPY LOCRET.ARG LOCRET.GLOB LOCRET.RET UFM.DEREF.MIGHT UFM.DEREF.MUST UFM.FFM.MIGHT UFM.FFM.MUST UFM.RETURN.MIGHT UFM.RETURN.MUST UFM.USE.MIGHT UFM.USE.MUST
9	352	Cross-Site Request Forgery (CSRF)	Java: SV.CSRF.GET SV.CSRF.TOKEN SV.CSRF.ORIGIN
10	78	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')	C/C++: SV.CODE_INJECTION.SHELL_EXEC SV.TAINTED.INJECTION C#: CS.SV.TAINTED.INJECTION Java: SV.EXEC SV.EXEC.DIR SV.EXEC.ENV SV.EXEC.LOCAL
11	190	Integer Overflow or Wraparound	C/C++: NUM.OVERFLOW SV.TAINTED.BINOP SV.TAINTED.CALL.BINOP C#: CS.SV.TAINTED.BINOP CS.SV.TAINTED.CALL.BINOP Java: SV.INT_OVF
12	22	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	C/C++: SV.DLLPRELOAD.NONABSOLUTE.DLL SV.DLLPRELOAD.NONABSOLUTE.EXE SV.DLLPRELOAD.SEARCHPATH SV.TAINTED.PATH_TRAVERSAL C#: CS.SV.TAINTED.PATH_TRAVERSAL Java: SV.PATH SV.PATH.INJ
13	476	NULL Pointer Dereference	C/C++: NPD.CHECK.CALL.MIGHT NPD.CHECK.CALL.MUST NPD.CHECK.MIGHT NPD.CHECK.MUST NPD.CONST.CALL NPD.CONST.DEREF NPD.FUNC.CALL.MIGHT NPD.FUNC.CALL.MUST NPD.FUNC.MIGHT NPD.FUNC.MUST NPD.GEN.CALL.MIGHT NPD.GEN.CALL.MUST NPD.GEN.MIGHT NPD.GEN.MUST RNPD.CALL RNPD.DEREF C#: CS.NRE.CHECK.CALL.MIGHT CS.NRE.CHECK.CALL.MUST CS.NRE.CHECK.MIGHT CS.NRE.CHECK.MUST CS.NRE.CONST.CALL CS.NRE.CONST.DEREF CS.NRE.FUNC.CALL.MIGHT CS.NRE.FUNC.CALL.MUST CS.NRE.FUNC.MIGHT CS.NRE.FUNC.MUST CS.NRE.GEN.CALL.MIGHT CS.NRE.GEN.CALL.MUST CS.NRE.GEN.MIGHT CS.NRE.GEN.MUST CS.RNRE Java: ANDROID.NPE NPE.COND NPE.CONST NPE.RET NPE.RET.UTIL NPE.STAT REDUN.NULL RNU.THIS
14	287	Improper Authentication	Not currently supported
15	434	Unrestricted Upload of File with Dangerous Type	Java: SV.DATA.FILE
16	732	Incorrect Permission Assignment for Critical Resource	C/C++: SV.USAGERULES.PERMISSIONS C#: CS.NPS Java: SV.PERMS.HOME SV.PERMS.WIDE SV.XSS.COOKIE
17	94	Improper Control of Generation of Code ('Code Injection')	C/C++: SV.CODE_INJECTION.SHELL_EXEC SV.TAINTED.INJECTION C#: CS.SQL.INJECT.LOCAL CS.SV.TAINTED.FMTSTR Java: SV.SQL SV.SQL.DBSOURCE SV.DATA.DB
18	522	Insufficiently Protected Credentials	Not currently supported
19	611	Improper Restriction of XML External Entity Reference	Java: SV.XXE.DBF SV.XXE.SF SV.XXE.SPF SV.XXE.TF SV.XXE.XIF SV.XXE.XRF
20	798	Use of Hard-coded Credentials	C/C++: HCC HCC.USER HCC.PWD Java: SV.PASSWD.HC SV.PASSWD.HC.EMPTY
21	502	Deserialization of Untrusted Data	C#: CS.SV.TAINTED.DESERIALIZATION Java: SV.SERIAL.NOFINAL SV.SERIAL.NOREAD SV.SERIAL.NOWRITE SV.SERIAL.SIG SV.SERIAL.OVERRIDE
22	269	Improper Privilege Management	C/C++: SV.USAGERULES.PERMISSIONS C#: CS.SV.USAGERULES.PERMISSIONS Java: SV.PRIVILEGE.MISSING
23	400	Uncontrolled Resource Consumption	C/C++: CL.MLK CL.MLK.ASSIGN CL.MLK.VIRTUAL MLK.MIGHT MLK.MUST MLK.RET.MIGHT MLK.RET.MUST RH.LEAK SV.CODE_INJECTION.SHELL_EXEC SV.TAINTED.INJECTION C#: CS.RESOURCE.LOOP CS.SV.TAINTED.LOOP_BOUND.RESOURCE CS.SV.TAINTED.CALL.LOOP_BOUND.RESOURCE CS.RESOURCE.AUTOBOXING CS.RESOURCE.UNBOXING Java: JD.INF.ALLOC SV.DOS.ARRSIZE
24	306	Missing Authentication for Critical Function	Not currently supported
25	862	Missing Authorization	Not currently supported

Support Summary:

21 of 25 statically verifiable weaknesses