CWE

Common Weakness Enumeration

A community-developed list of SW & HW weaknesses that can become vulnerabilities
New to CWE? click here!
CWE Most Important Hardware Weaknesses
CWE Top 25 Most Dangerous Weaknesses
Home > CWE List > CWE- Individual Dictionary Definition (4.18)
ID
CWE Glossary Definition

CWE VIEW: Weaknesses Addressed by the SEI CERT Perl Coding Standard

View ID: 1178
Vulnerability Mapping: PROHIBITED This CWE ID must not be used to map to real-world vulnerabilities
Type: Graph
Downloads: Booklet | CSV | XML
Objective
CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommendations of the SEI CERT Perl Coding Standard.
Audience
Stakeholder Description
Software Developers By following the SEI CERT Perl Coding Standard, developers will be able to fully or partially prevent the weaknesses that are identified in this view. In addition, developers can use a CWE coverage graph to determine which weaknesses are not directly addressed by the standard, which will help identify and resolve remaining gaps in training, tool acquisition, or other approaches for reducing weaknesses.
Product Customers If a software developer claims to be following the SEI CERT Perl Coding Standard, then customers can search for the weaknesses in this view in order to formulate independent evidence of that claim.
Educators Educators can use this view in multiple ways. For example, if there is a focus on teaching weaknesses, the educator could link them to the relevant Secure Coding Standard.
Relationships
The following graph shows the tree-like relationships between weaknesses that exist at different levels of abstraction. At the highest level, categories and pillars exist to group weaknesses. Categories (which are not technically weaknesses) are special CWE entries used to group weaknesses that share a common characteristic. Pillars are weaknesses that are described in the most abstract fashion. Below these top-level entries are weaknesses are varying levels of abstraction. Classes are still very abstract, typically independent of any specific language or technology. Base level weaknesses are used to present a more specific type of weakness. A variant is a weakness that is described at a very low level of detail, typically limited to a specific language or technology. A chain is a set of weaknesses that must be reachable consecutively in order to produce an exploitable vulnerability. While a composite is a set of weaknesses that must all be present simultaneously in order to produce an exploitable vulnerability.
Show Details:
|
1178 - Weaknesses Addressed by the SEI CERT Perl Coding Standard
Category Category - a CWE entry that contains a set of other entries that share a common characteristic. SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS) - (1179)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1179 (SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS))
Weaknesses in this category are related to the rules and recommendations in the Input Validation and Data Sanitization (IDS) section of the SEI CERT Perl Coding Standard.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') - (22)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1179 (SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)) > 22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. Directory traversal Path traversal
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Use of Externally-Controlled Format String - (134)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1179 (SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)) > 134 (Use of Externally-Controlled Format String)
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
* Variant Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource. Improper Validation of Array Index - (129)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1179 (SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)) > 129 (Improper Validation of Array Index)
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. out-of-bounds array index index-out-of-range array index underflow
* Variant Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource. Memory Allocation with Excessive Size Value - (789)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1179 (SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)) > 789 (Memory Allocation with Excessive Size Value)
The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated. Stack Exhaustion
* Class Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource. Improper Encoding or Escaping of Output - (116)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1179 (SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)) > 116 (Improper Encoding or Escaping of Output)
The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. Output Sanitization Output Validation Output Encoding
* Class Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource. Improper Neutralization of Special Elements used in a Command ('Command Injection') - (77)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1179 (SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)) > 77 (Improper Neutralization of Special Elements used in a Command ('Command Injection'))
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. Command injection
* Variant Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource. Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') - (95)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1179 (SEI CERT Perl Coding Standard - Guidelines 01. Input Validation and Data Sanitization (IDS)) > 95 (Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'))
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").
Category Category - a CWE entry that contains a set of other entries that share a common characteristic. SEI CERT Perl Coding Standard - Guidelines 02. Declarations and Initialization (DCL) - (1180)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1180 (SEI CERT Perl Coding Standard - Guidelines 02. Declarations and Initialization (DCL))
Weaknesses in this category are related to the rules and recommendations in the Declarations and Initialization (DCL) section of the SEI CERT Perl Coding Standard.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Function Call with Incorrectly Specified Arguments - (628)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1180 (SEI CERT Perl Coding Standard - Guidelines 02. Declarations and Initialization (DCL)) > 628 (Function Call with Incorrectly Specified Arguments)
The product calls a function, procedure, or routine with arguments that are not correctly specified, leading to always-incorrect behavior and resultant weaknesses.
* Variant Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource. Missing Initialization of a Variable - (456)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1180 (SEI CERT Perl Coding Standard - Guidelines 02. Declarations and Initialization (DCL)) > 456 (Missing Initialization of a Variable)
The product does not initialize critical variables, which causes the execution environment to use unexpected values.
* Variant Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource. Use of Uninitialized Variable - (457)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1180 (SEI CERT Perl Coding Standard - Guidelines 02. Declarations and Initialization (DCL)) > 457 (Use of Uninitialized Variable)
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Use of Obsolete Function - (477)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1180 (SEI CERT Perl Coding Standard - Guidelines 02. Declarations and Initialization (DCL)) > 477 (Use of Obsolete Function)
The code uses deprecated or obsolete functions, which suggests that the code has not been actively reviewed or maintained.
Category Category - a CWE entry that contains a set of other entries that share a common characteristic. SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP) - (1181)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP))
Weaknesses in this category are related to the rules and recommendations in the Expressions (EXP) section of the SEI CERT Perl Coding Standard.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Unexpected Status Code or Return Value - (394)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 394 (Unexpected Status Code or Return Value)
The product does not properly check when a function or operation returns a value that is legitimate for the function, but is not expected by the product.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Operator Precedence Logic Error - (783)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 783 (Operator Precedence Logic Error)
The product uses an expression in which operator precedence causes incorrect logic to be used.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Use of Obsolete Function - (477)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 477 (Use of Obsolete Function)
The code uses deprecated or obsolete functions, which suggests that the code has not been actively reviewed or maintained.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Uncaught Exception - (248)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 248 (Uncaught Exception)
An exception is thrown from a function, but it is not caught.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Unchecked Error Condition - (391)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 391 (Unchecked Error Condition)
[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Improper Cleanup on Thrown Exception - (460)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 460 (Improper Cleanup on Thrown Exception)
The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.
* Class Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource. Incorrect Control Flow Scoping - (705)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 705 (Incorrect Control Flow Scoping)
The product does not properly return control flow to the proper location after it has completed a task or detected an unusual condition.
* Class Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource. Improper Check for Unusual or Exceptional Conditions - (754)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 754 (Improper Check for Unusual or Exceptional Conditions)
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Unchecked Return Value - (252)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 252 (Unchecked Return Value)
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
* Chain Chain - a Compound Element that is a sequence of two or more separate weaknesses that can be closely linked together within software. One weakness, X, can directly create the conditions that are necessary to cause another weakness, Y, to enter a vulnerable condition. When this happens, CWE refers to X as "primary" to Y, and Y is "resultant" from X. Chains can involve more than two weaknesses, and in some cases, they might have a tree-like structure. Unchecked Return Value to NULL Pointer Dereference - (690)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 690 (Unchecked Return Value to NULL Pointer Dereference)
The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Function Call with Incorrectly Specified Arguments - (628)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 628 (Function Call with Incorrectly Specified Arguments)
The product calls a function, procedure, or routine with arguments that are not correctly specified, leading to always-incorrect behavior and resultant weaknesses.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Returning a Mutable Object to an Untrusted Caller - (375)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 375 (Returning a Mutable Object to an Untrusted Caller)
Sending non-cloned mutable data as a return value may result in that data being altered or deleted by the calling function.
* Variant Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource. Use of Wrong Operator in String Comparison - (597)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1181 (SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP)) > 597 (Use of Wrong Operator in String Comparison)
The product uses the wrong operator when comparing a string, such as using "==" when the .equals() method should be used instead.
Category Category - a CWE entry that contains a set of other entries that share a common characteristic. SEI CERT Perl Coding Standard - Guidelines 04. Integers (INT) - (1182)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1182 (SEI CERT Perl Coding Standard - Guidelines 04. Integers (INT))
Weaknesses in this category are related to the rules and recommendations in the Integers (INT) section of the SEI CERT Perl Coding Standard.
* Category Category - a CWE entry that contains a set of other entries that share a common characteristic. Numeric Errors - (189)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1182 (SEI CERT Perl Coding Standard - Guidelines 04. Integers (INT)) > 189 (Numeric Errors)
Weaknesses in this category are related to improper calculation or conversion of numbers.
* Category Category - a CWE entry that contains a set of other entries that share a common characteristic. SEI CERT Perl Coding Standard - Guidelines 05. Strings (STR) - (1183)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1183 (SEI CERT Perl Coding Standard - Guidelines 05. Strings (STR))
Weaknesses in this category are related to the rules and recommendations in the Strings (STR) section of the SEI CERT Perl Coding Standard.
Category Category - a CWE entry that contains a set of other entries that share a common characteristic. SEI CERT Perl Coding Standard - Guidelines 06. Object-Oriented Programming (OOP) - (1184)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1184 (SEI CERT Perl Coding Standard - Guidelines 06. Object-Oriented Programming (OOP))
Weaknesses in this category are related to the rules and recommendations in the Object-Oriented Programming (OOP) section of the SEI CERT Perl Coding Standard.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Access to Critical Private Variable via Public Method - (767)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1184 (SEI CERT Perl Coding Standard - Guidelines 06. Object-Oriented Programming (OOP)) > 767 (Access to Critical Private Variable via Public Method)
The product defines a public method that reads or modifies a private variable.
Category Category - a CWE entry that contains a set of other entries that share a common characteristic. SEI CERT Perl Coding Standard - Guidelines 07. File Input and Output (FIO) - (1185)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1185 (SEI CERT Perl Coding Standard - Guidelines 07. File Input and Output (FIO))
Weaknesses in this category are related to the rules and recommendations in the File Input and Output (FIO) section of the SEI CERT Perl Coding Standard.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Improper Link Resolution Before File Access ('Link Following') - (59)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1185 (SEI CERT Perl Coding Standard - Guidelines 07. File Input and Output (FIO)) > 59 (Improper Link Resolution Before File Access ('Link Following'))
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. insecure temporary file Zip Slip
Category Category - a CWE entry that contains a set of other entries that share a common characteristic. SEI CERT Perl Coding Standard - Guidelines 50. Miscellaneous (MSC) - (1186)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1186 (SEI CERT Perl Coding Standard - Guidelines 50. Miscellaneous (MSC))
Weaknesses in this category are related to the rules and recommendations in the Miscellaneous (MSC) section of the SEI CERT Perl Coding Standard.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Dead Code - (561)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1186 (SEI CERT Perl Coding Standard - Guidelines 50. Miscellaneous (MSC)) > 561 (Dead Code)
The product contains dead code, which can never be executed.
* Base Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. Assignment to Variable without Use - (563)
1178 (Weaknesses Addressed by the SEI CERT Perl Coding Standard) > 1186 (SEI CERT Perl Coding Standard - Guidelines 50. Miscellaneous (MSC)) > 563 (Assignment to Variable without Use)
The variable's value is assigned but never used, making it a dead store. Unused Variable
Vulnerability Mapping Notes

Usage: PROHIBITED

(this CWE ID must not be used to map to real-world vulnerabilities)

Reason: View

Rationale:

This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.

Comments:

Use this View or other Views to search and navigate for the appropriate weakness.
Notes

Relationship

The relationships in this view were determined based on specific statements within the rules from the standard. Not all rules have direct relationships to individual weaknesses, although they likely have chaining relationships in specific circumstances.
References
[REF-1011] The Software Engineering Institute. "SEI CERT Perl Coding Standard". <https://wiki.sei.cmu.edu/confluence/display/perl/SEI+CERT+Perl+Coding+Standard>.
View Metrics
CWEs in this view Total CWEs
Weaknesses 26 out of 944
Categories 9 out of 375
Views 0 out of 52
Total 35 out of 1371
Content History
Submissions
Submission Date Submitter Organization
2019年01月08日
(CWE 3.3, 2019年06月20日) 		CWE Content Team MITRE
Modifications
Modification Date Modifier Organization
2020年02月24日 CWE Content Team MITRE
updated View_Audience
2023年06月29日 CWE Content Team MITRE
updated Mapping_Notes
More information is available — Please edit the custom filter or select a different filter.
Page Last Updated: September 09, 2025

Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2025, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.

AltStyle によって変換されたページ (->オリジナル) /