CWE CATEGORY: SEI CERT Oracle Secure Coding Standard for Java - Guidelines 14. Serialization (SER)
Category ID: 1148
Vulnerability Mapping: Prohibited
Status: Stable
▼Summary

Weaknesses in this category are related to the rules and recommendations in the Serialization (SER) section of the SEI CERT Oracle Secure Coding Standard for Java.

▼Membership
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | View | 1133 | Weaknesses Addressed by the SEI CERT Oracle Coding Standard for Java |
| HasMember | Allowed | Base | 319 | Cleartext Transmission of Sensitive Information |
| HasMember | Discouraged | Class | 400 | Uncontrolled Resource Consumption |
| HasMember | Allowed | Variant | 499 | Serializable Class Containing Sensitive Data |
| HasMember | Allowed | Base | 502 | Deserialization of Untrusted Data |
| HasMember | Allowed | Base | 770 | Allocation of Resources Without Limits or Throttling |
▼Vulnerability Mapping Notes
Usage: Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.

Comments:

See member weaknesses of this category.

▼References
Reference ID: REF-827
Title: SEI CERT Oracle Coding Standard for Java : Rule 14. Serialization (SER)
Version: v4.15
Author: The Software Engineering Institute
URL: https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=88487787