Category-858: The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)
ID: 858
Status: Obsolete
Summary
Weaknesses in this category are related to rules in the Serialization (SER) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
Membership
ID | NAME |
---|---|
CWE-250 | 带着不必要的权限执行 |
CWE-319 | 敏感数据的明文传输 |
CWE-400 | 未加控制的资源消耗(资源穷尽) |
CWE-499 | 可序列化的类中包含敏感信息 |
CWE-502 | 可信数据的反序列化 |
CWE-589 | 对非普适API的调用 |
CWE-770 | 不加限制或调节的资源分配 |
References
文章来源于互联网:scap中文网
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论