From 6cd9e6289db3ae9a81f9d0a4f6f7aacb4bca4410 Mon Sep 17 00:00:00 2001 From: Cosmin Cojocar Date: Thu, 6 Oct 2022 08:18:21 +0200 Subject: [PATCH] Add CWE-676 to cwe mapping (#874) --- cwe/data.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cwe/data.go b/cwe/data.go index 0e377b9..ff1ad3c 100644 --- a/cwe/data.go +++ b/cwe/data.go @@ -129,6 +129,11 @@ var ( Description: "The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.", Name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", }, + { + ID: "676", + Description: "The program invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.", + Name: "Use of Potentially Dangerous Function", + }, } )