interpreted | ByteOS Network

CWE VIEW:Interpreted Weaknesses

ID:BOSS-293

Vulnerability Mapping:Prohibited

Type:Implicit

Status:Draft

Details Content History Observed CVE Examples Reports

▼Objective

This view categorizes and displays weaknesses by language class Interpreted.

▼Memberships

Nature	Mapping	Type	ID	Name
HasMember	Allowed	B	1336	Improper Neutralization of Special Elements Used in a Template Engine
HasMember	Allowed	B	470	Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
HasMember	Allowed-with-Review	B	94	Improper Control of Generation of Code ('Code Injection')
HasMember	Allowed	V	95	Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
HasMember	Allowed	B	96	Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')

Nature: HasMember

Mapping: Allowed

Type: Base

ID: 1336

Name: Improper Neutralization of Special Elements Used in a Template Engine

Nature: HasMember

Mapping: Allowed

Type: Base

ID: 470

Name: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Nature: HasMember

Mapping: Allowed-with-Review

Type: Base

ID: 94

Name: Improper Control of Generation of Code ('Code Injection')

Nature: HasMember

Mapping: Allowed

Type: Variant

ID: 95

Name: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Nature: HasMember

Mapping: Allowed

Type: Base

ID: 96

Name: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')

▼Vulnerability Mapping Notes

Usage:Prohibited

Reason:View

Rationale:

This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.

Comments:

Use this View or other Views to search and navigate for the appropriate weakness.