This category identifies Software Fault Patterns (SFPs) within the Faulty Input Transformation cluster.
| ID | Name | Description |
|---|---|---|
| CWE-116 | Improper Encoding or Escaping of Output | This vulnerability occurs when an application builds a structured message—like a query, command, or request—for another component but fails to properly encode or escape user-supplied data. Because the output's structure isn't preserved, an attacker can inject malicious instructions that the receiving component will execute. |
| CWE-166 | Improper Handling of Missing Special Element | This vulnerability occurs when software expects a specific delimiter, terminator, or other special marker in its input but fails to properly handle situations where that element is absent. The application may then misinterpret boundaries, leading to crashes, data corruption, or security breaches. |
| CWE-167 | Improper Handling of Additional Special Element | This vulnerability occurs when software receives data from another component but fails to properly process or validate unexpected special characters or control elements within that input. |
| CWE-168 | Improper Handling of Inconsistent Special Elements | This vulnerability occurs when software fails to correctly process input containing conflicting or mismatched special elements like characters, symbols, or reserved keywords. |
| CWE-172 | Encoding Error | This vulnerability occurs when software incorrectly transforms data between different formats, leading to corrupted or misinterpreted information that can break functionality or create security gaps. |
| CWE-173 | Improper Handling of Alternate Encoding | This vulnerability occurs when software fails to correctly process input that arrives in a different character encoding than expected, allowing that input to bypass security checks or cause misinterpretation. |
| CWE-174 | Double Decoding of the Same Data | This vulnerability occurs when an application decodes the same piece of data twice in sequence. This double processing can bypass or neutralize security checks that happen after the first decode, leaving the system exposed. |
| CWE-175 | Improper Handling of Mixed Encoding | This vulnerability occurs when software fails to correctly process input that contains multiple character encodings within the same data stream. |
| CWE-176 | Improper Handling of Unicode Encoding | This vulnerability occurs when software fails to correctly process or interpret Unicode-encoded input, leading to security bypasses, data corruption, or unexpected behavior. |
| CWE-177 | Improper Handling of URL Encoding (Hex Encoding) | This vulnerability occurs when an application fails to correctly process URL-encoded (also known as percent-encoded or hex-encoded) input, either by double-decoding it, not decoding it at all, or inconsistently handling encoded characters across different security checks. |
| CWE-178 | Improper Handling of Case Sensitivity | This vulnerability occurs when software fails to consistently handle uppercase and lowercase letters when checking or accessing resources, leading to unpredictable behavior and security gaps. |
| CWE-179 | Incorrect Behavior Order: Early Validation | This vulnerability occurs when an application validates user input before applying security filters or data normalization. Attackers can exploit this order of operations by submitting specially crafted input that passes the initial validation but becomes malicious after the application's filters or canonicalization processes modify it. |
| CWE-180 | Incorrect Behavior Order: Validate Before Canonicalize | This vulnerability occurs when a system checks user input for malicious content before standardizing its format, allowing specially crafted data to bypass security checks. |
| CWE-181 | Incorrect Behavior Order: Validate Before Filter | This vulnerability occurs when a system checks user input for validity before cleaning or filtering it. This flawed sequence allows malicious data to pass validation, only to be altered by later filters into a dangerous form. |
| CWE-182 | Collapse of Data into Unsafe Value | This vulnerability occurs when an application's data filtering or transformation process incorrectly merges or simplifies information, producing a result that violates security rules. Essentially, safe input gets collapsed into a dangerous value. |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs). |
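As an added illustration, not part of the CWE entry text, the Python below models the ordering faults in CWE-179/CWE-180 and the double-decoding fault in CWE-174 with a constructed web-root path check; `BASE_DIR`, the function names and the probe paths are assumptions made for the example.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Constructed example: the directory that user-supplied paths must stay inside.
BASE_DIR = "/srv/app/public"


def resolve_validate_first(user_path: str) -> Optional[str]:
    """Faulty ordering (CWE-180 / CWE-179): the traversal check inspects the raw,
    still percent-encoded input; canonicalization (decoding) happens afterwards."""
    if ".." in user_path:                       # check runs before decoding
        return None
    decoded = unquote(user_path)                # canonicalization comes too late
    return posixpath.normpath(posixpath.join(BASE_DIR, decoded))


def resolve_canonicalize_first(user_path: str) -> Optional[str]:
    """Corrected ordering: decode exactly once, normalize, then validate the
    canonical result against BASE_DIR instead of looking for substrings."""
    decoded = unquote(user_path)
    candidate = posixpath.normpath(posixpath.join(BASE_DIR, decoded))
    # A prefix check on the canonical path also catches absolute inputs such as
    # "/etc/passwd", which contain no ".." at all.
    if candidate != BASE_DIR and not candidate.startswith(BASE_DIR + "/"):
        return None
    return candidate


def resolve_then_decode_again(user_path: str) -> Optional[str]:
    """CWE-174: the check above is sound, but a later stage (simulated here)
    decodes a second time, so "%252e%252e" survives the first decode as
    "%2e%2e", passes validation, and only then turns into ".."."""
    checked = resolve_canonicalize_first(user_path)
    if checked is None:
        return None
    return posixpath.normpath(unquote(checked))  # the second, unwanted decode


if __name__ == "__main__":
    # Constructed probes: benign, percent-encoded traversal, absolute, double-encoded.
    probes = ("images/logo.png", "%2e%2e/%2e%2e/etc/passwd",
              "/etc/passwd", "%252e%252e/%252e%252e/etc/passwd")
    for p in probes:
        print(f"{p!r:36} validate-first={resolve_validate_first(p)!r}")
        print(f"{'':36} canonicalize-first={resolve_canonicalize_first(p)!r}")
        print(f"{'':36} decoded-twice={resolve_then_decode_again(p)!r}")
```

Only the canonicalize-first resolver rejects every escaping probe; the double-decoding stage reopens the hole, which is why a single, well-placed decode is part of the fix.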