| CWE ID | Description |
| --- | --- |
| CWE-180 | The software validates input before it is canonicalized, which prevents the software from detecting data that becomes invalid after the canonicalization step. |
| CWE-181 | The software validates data before it has been filtered, which prevents the software from detecting data that becomes invalid after the filtering step. |
| CWE-182 | The software filters data in a way that causes it to be reduced or "collapsed" into an unsafe value that violates an expected security property. |
| CWE-183 | The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses. |
| CWE-184 | The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete, leading to resultant weaknesses. |
| CWE-185 | The software specifies a regular expression in a way that causes data to be improperly matched or compared. |
| CWE-186 | A regular expression is overly restrictive, which prevents dangerous values from being detected. |
| CWE-187 | The software performs a comparison that only examines a portion of a factor before determining whether there is a match, such as a substring, leading to resultant weaknesses. |
| CWE-188 | The software makes invalid assumptions about how protocol data or memory is organized at a lower level, resulting in unintended program behavior. |
| CWE-190 | The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. |