View: Named Chains
Incomplete
Type: Implicit
Objective
This view displays Named Chains and their components.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-680 | Integer Overflow to Buffer Overflow | This vulnerability occurs when a program calculates the size of memory to allocate, but an integer overflow in that calculation results in a much smaller buffer being created than intended. This undersized buffer can then be overflowed by subsequent operations, corrupting adjacent memory. |
| CWE-690 | Unchecked Return Value to NULL Pointer Dereference | This vulnerability occurs when a program calls a function that can return a NULL pointer to signal failure, but the code does not check for this error condition before using the returned value, leading to a crash or unexpected behavior from dereferencing the NULL pointer. |
| CWE-692 | Incomplete Denylist to Cross-Site Scripting | This vulnerability occurs when an application relies on an incomplete denylist to block cross-site scripting (XSS) attacks, leaving the door open for attackers to craft payloads that bypass the filter. |
Mapping Notes
Usage: Prohibited
Reasons: View
Rationale:
This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.
Comment:
Use this View or other Views to search and navigate for the appropriate weakness.