CWE CATEGORY: The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)
Category ID: 858
Vulnerability Mapping: Prohibited
Status: Obsolete
▼Summary

Weaknesses in this category are related to rules in the Serialization (SER) chapter of The CERT Oracle Secure Coding Standard for Java (2011).

▼Membership
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | View | 844 | Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011) |
| HasMember | Allowed | Base | 250 | Execution with Unnecessary Privileges |
| HasMember | Allowed | Base | 319 | Cleartext Transmission of Sensitive Information |
| HasMember | Discouraged | Class | 400 | Uncontrolled Resource Consumption |
| HasMember | Allowed | Variant | 499 | Serializable Class Containing Sensitive Data |
| HasMember | Allowed | Base | 502 | Deserialization of Untrusted Data |
| HasMember | Allowed | Variant | 589 | Call to Non-ubiquitous API |
| HasMember | Allowed | Base | 770 | Allocation of Resources Without Limits or Throttling |
▼Vulnerability Mapping Notes
Usage: Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.

Comments:

See member weaknesses of this category.

▼References
Reference ID: REF-813
Title: The CERT Oracle Coding Standard for Java
Version: v4.15
Author: Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, David Svoboda
Publisher: Addison-Wesley Professional
Edition: 1st Edition
Day: 18
Month: 09
Year: 2011