Category: SEI CERT Oracle Secure Coding Standard for Java - Guidelines 02. Expressions (EXP)

Stable

Summary

Weaknesses in this category are related to the rules and recommendations in the Expressions (EXP) section of the SEI CERT Oracle Secure Coding Standard for Java.

Membership

ID	Name	Description
CWE-252	Unchecked Return Value	This vulnerability occurs when a program fails to verify the result of a function or method call, allowing it to continue execution without detecting errors or unexpected conditions.
CWE-476	NULL Pointer Dereference	This vulnerability occurs when a program attempts to access or manipulate memory using a pointer that is set to NULL, causing a crash or unexpected behavior.
CWE-595	Comparison of Object References Instead of Object Contents	This vulnerability occurs when code incorrectly checks if two object references point to the same memory location, rather than comparing the actual data or values contained within the objects. This mistake prevents the software from correctly identifying when two separate objects hold equivalent content.
CWE-597	Use of Wrong Operator in String Comparison	This vulnerability occurs when a developer incorrectly compares string values, typically by using reference equality operators (like == or !=) instead of dedicated string comparison methods (like .equals()).
CWE-1133	Weaknesses Addressed by the SEI CERT Oracle Coding Standard for Java	CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommendations of the SEI CERT Oracle Coding Standard for Java.

Vulnerability Mapping Notes

Usage: Prohibited

Reasons: Category

Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.

Comment:

See member weaknesses of this category.