A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to incorrectly written expressions within code.
Casting a non-structure type to a structure type and accessing a field can lead to memory access errors or data corruption.
The program compares object references instead of the contents of the objects themselves, preventing it from detecting equivalent objects.
The software contains an expression that will always evaluate to false.
The software contains an expression that will always evaluate to true.
The program uses an expression in which operator precedence causes incorrect logic to be used.
The programmer accidentally uses the wrong operator, which changes the application logic in security-relevant ways.
This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development l...