View-1178: Weaknesses Addressed by the SEI CERT Perl Coding Standard

ID: 1178

Type: Graph

Status: Stable

Objective

CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommendations of the SEI CERT Perl Coding Standard.

Audience

Software Developers

By following the SEI CERT Perl Coding Standard, developers will be able to fully or partially prevent the weaknesses that are identified in this view. In addition, developers can use a CWE coverage graph to determine which weaknesses are not directly addressed by the standard, which will help identify and resolve remaining gaps in training, tool acquisition, or other approaches for reducing weaknesses.

Software Customers

If a software developer claims to be following the SEI CERT Perl Coding Standard, then customers can search for the weaknesses in this view in order to formulate independent evidence of that claim.

Educators

Educators can use this view in multiple ways. For example, if there is a focus on teaching weaknesses, the educator could link them to the relevant Secure Coding Standard.

Membership

CWE-ID	title
CWE-1179	SEI CERT Perl编码标准-指南01.输入验证和数据消毒（IDS）
CWE-1180	SEI CERT Perl编码标准-准则02.声明和初始化（DCL）
CWE-1181	SEI CERT Perl编码标准-准则03.表达式（EXP）
CWE-1182	SEI CERT Perl编码标准-准则04.整数（INT）
CWE-1183	SEI CERT Perl编码标准-准则05.字符串（STR）
CWE-1184	SEI CERT Perl编码标准-指南06.面向对象编程（OOP）
CWE-1185	SEI CERT Perl编码标准-准则07.文件输入和输出（FIO）
CWE-1186	SEI CERT Perl编码标准-准则50.其他（MSC）

Notes

Relationship

The relationships in this view were determined based on specific statements within the rules from the standard. Not all rules have direct relationships to individual weaknesses, although they likely have chaining relationships in specific circumstances.

引用

REF-1011 SEI CERT Perl Coding Standard

文章来源于互联网:scap中文网