CWE-1038 |
The product uses a mechanism that automatically optimizes code, e.g. to improve a characteristic such as performance, but the optimizations can have an unintended side effect that might violate an intended security assumption. |
CWE-1039 |
The product uses an automated mechanism such as machine learning to recognize complex data inputs (e.g. image or audio) as a particular concept or category, but it does not properly detect or handle inputs that have been modified or constructed in a way that causes the mechanism to detect a different, incorrect concept. |
CWE-104 |
If a form bean does not extend an ActionForm subclass of the Validator framework, it can expose the application to other weaknesses related to insufficient input validation. |
CWE-1041 |
The software has multiple functions, methods, procedures, macros, etc. that
contain the same code. |
CWE-1042 |
The code contains a member element that is declared as static (but not final), in which
its parent class element
is not a singleton class - that is, a class element that can be used only once in
the 'to' association of a Create action. |
CWE-1043 |
The software uses a data element that has an excessively large
number of sub-elements with non-primitive data types such as structures or aggregated objects. |
CWE-1044 |
The software's architecture contains too many - or too few -
horizontal layers. |
CWE-1045 |
A parent class has a virtual destructor method, but the parent has a child class that does not have a virtual destructor. |
CWE-1046 |
The software creates an immutable text string using string concatenation operations. |
CWE-1047 |
The software contains modules in which one module has references that cycle back to itself, i.e., there are circular dependencies. |