Add CWE-676 to cwe mapping (#874)

This commit is contained in:
Cosmin Cojocar 2022-10-06 08:18:21 +02:00 committed by GitHub
parent bb4a1e3544
commit 6cd9e6289d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -129,6 +129,11 @@ var (
Description: "The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.", Description: "The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.",
Name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", Name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
}, },
{
ID: "676",
Description: "The program invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.",
Name: "Use of Potentially Dangerous Function",
},
} }
) )