Weaknesses in this category are related to the A8 category in the OWASP Top Ten 2004.
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | V | 711 | Weaknesses in OWASP Top Ten (2004) |
| HasMember | Allowed | V | 14 | Compiler Removal of Code to Clear Buffers |
| HasMember | Allowed | B | 226 | Sensitive Information in Resource Not Removed Before Reuse |
| HasMember | Allowed | B | 261 | Weak Encoding for Password |
| HasMember | Discouraged | C | 311 | Missing Encryption of Sensitive Data |
| HasMember | Allowed | V | 321 | Use of Hard-coded Cryptographic Key |
| HasMember | Allowed-with-Review | C | 326 | Inadequate Encryption Strength |
| HasMember | Allowed-with-Review | C | 327 | Use of a Broken or Risky Cryptographic Algorithm |
| HasMember | Allowed | V | 539 | Use of Persistent Cookies Containing Sensitive Information |
| HasMember | Allowed | V | 591 | Sensitive Data Storage in Improperly Locked Memory |
| HasMember | Allowed | V | 598 | Use of GET Request Method With Sensitive Query Strings |
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
See member weaknesses of this category.
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|