The Android application uses an implicit intent for transmitting sensitive data to other applications.
abstraction Variant
status Incomplete
The product uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme.
abstraction Base
status Incomplete
The product establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin.
abstraction Base
status Incomplete
The product creates a communication channel to initiate an outgoing request to an actor, but it does not correctly specify the intended destination for that actor.
abstraction Base
status Incomplete
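Worked example for the two communication-channel entries above, added here as illustration rather than taken from the CWE entries themselves. It shows the origin check CWE-940 warns about (a substring match that accepts https://app.example.com.evil.net) next to a strict check that parses the Origin header into (scheme, host, port) and compares the tuple against an allowlist. The host names and the ALLOWED_ORIGINS set are assumptions made up for the example.

```python
from urllib.parse import urlsplit

# Constructed allowlist for this example: (scheme, host, port) of the origins
# that are permitted to initiate requests to the endpoint. Hypothetical names.
ALLOWED_ORIGINS = {
    ("https", "app.example.com", 443),
    ("https", "admin.example.com", 443),
}


def weak_origin_check(origin):
    """The check CWE-940 describes: a substring test that accepts any Origin
    value merely containing the expected host name, including
    https://app.example.com.evil.net."""
    return origin is not None and "example.com" in origin


def parse_origin(origin):
    """Return (scheme, host, port) for an Origin header value, or None when the
    value is absent, the opaque 'null' origin, or not of the form
    scheme://host[:port]."""
    if not origin or origin == "null":
        return None
    parts = urlsplit(origin)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    # An Origin carries no path, query, fragment or userinfo; anything extra is
    # either malformed or an attempt to confuse the parser (host@evil.net).
    if parts.path or parts.query or parts.fragment or parts.username is not None:
        return None
    try:
        port = parts.port
    except ValueError:
        return None
    if port is None:
        port = 443 if parts.scheme == "https" else 80
    return (parts.scheme, parts.hostname.lower(), port)


def strict_origin_check(origin):
    """Exact match of the parsed origin tuple against the allowlist."""
    parsed = parse_origin(origin)
    return parsed is not None and parsed in ALLOWED_ORIGINS


def handle_request(headers):
    """Minimal handler for a state-changing request: refuse callers whose
    Origin is missing or not on the allowlist."""
    if not strict_origin_check(headers.get("Origin")):
        return "403 Forbidden"
    return "200 OK"
```

The strict check fails closed on a missing header and on the "null" origin; whether to accept requests without an Origin header at all is a policy decision (older clients omit it), and if they are accepted the request needs another proof of source such as a CSRF token.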
The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate.
abstraction Variant
status Incomplete
The product generates a query intended to access or manipulate data in a data store such as a database, but it does not neutralize or incorrectly neutralizes special elements that can modify the intended logic of the query.
abstraction Class
status Incomplete
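Worked example for the query-logic entry above, added as illustration and not part of the CWE entry. It shows the same weakness in two data stores: a SQL query built by string formatting next to its parameterized form (using the standard sqlite3 module), and a toy document-store matcher where a JSON object in place of a string rewrites an equality test. The table contents, the DOCS collection and the function names are constructed for the example.

```python
import sqlite3


def build_db():
    """Constructed in-memory table for the example; the rows are made up."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, secret TEXT)")
    conn.executemany(
        "INSERT INTO users (name, secret) VALUES (?, ?)",
        [("alice", "s3cr3t-a"), ("bob", "s3cr3t-b"), ("carol", "s3cr3t-c")],
    )
    conn.commit()
    return conn


def lookup_unsafe(conn, name):
    """The weakness: the caller-controlled value is spliced into the query
    text, so a quote character in it rewrites the WHERE clause."""
    sql = "SELECT name, secret FROM users WHERE name = '%s'" % name
    return conn.execute(sql).fetchall()


def lookup_safe(conn, name):
    """Bound parameter: the driver sends the value separately from the query
    text, so it is only ever data, never logic."""
    return conn.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)
    ).fetchall()


def lookup_by_column(conn, column, value):
    """Identifiers cannot be bound as parameters, and quoting rules for them
    differ from string literals, so allowlist the column name instead."""
    if column not in ("name", "id"):
        raise ValueError("unexpected column: %r" % (column,))
    return conn.execute(
        "SELECT name FROM users WHERE %s = ?" % column, (value,)
    ).fetchall()


# --- the same weakness in non-SQL query logic -------------------------------

# Constructed document collection standing in for a NoSQL store.
DOCS = [
    {"name": "alice", "password": "hunter2"},
    {"name": "bob", "password": "letmein"},
]


def match_doc(doc, query):
    """Toy matcher with a Mongo-style '$ne' operator: a condition may be a
    plain value (equality) or an operator object."""
    for field, cond in query.items():
        if isinstance(cond, dict) and "$ne" in cond:
            if doc.get(field) == cond["$ne"]:
                return False
        elif doc.get(field) != cond:
            return False
    return True


def login_unsafe(name, password):
    """Passes decoded JSON straight into the query. A password of
    {"$ne": ""} turns the equality test into 'not equal to the empty string',
    which every stored password satisfies."""
    return [d["name"] for d in DOCS if match_doc(d, {"name": name, "password": password})]


def login_safe(name, password):
    """Neutralize by type: operator objects are only legitimate when the code,
    not the caller, builds them."""
    if not isinstance(name, str) or not isinstance(password, str):
        raise TypeError("credentials must be strings")
    return login_unsafe(name, password)
```

The input "x' OR '1'='1" returns every row through lookup_unsafe and nothing through lookup_safe; the point of lookup_by_column is that parameter binding covers values only, so anything that must land in the query text (column or table names, sort direction) is validated against a fixed set rather than escaped.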
The product uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag.
abstraction Variant
status Incomplete
The product displays information or identifiers to a user, but the display mechanism does not make it easy for the user to distinguish between visually similar or identical glyphs (homoglyphs), which may cause the user to misinterpret a glyph and perform an unintended, insecure action.
abstraction Base
status Incomplete
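Worked example for the homoglyph entry above, added as illustration and not part of the CWE entry. It detects labels that mix scripts (a Latin "paypal" with a Cyrillic а), reduces a label to a comparison skeleton so a look-alike can be matched against a trusted identifier, and renders suspicious host names in punycode so the user is not asked to distinguish glyphs by eye. The CONFUSABLES table is a small constructed subset, not the full Unicode confusables list.

```python
import unicodedata

# Constructed subset of Unicode confusables: Cyrillic letters that render like
# Latin ones. The authoritative table is Unicode's confusables.txt.
CONFUSABLES = {
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0445": "x",  # CYRILLIC SMALL LETTER HA
    "\u0443": "y",  # CYRILLIC SMALL LETTER U
    "\u0456": "i",  # CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
    "\u04cf": "l",  # CYRILLIC SMALL LETTER PALOCHKA
}


def script_of(ch):
    """Approximate script from the character's Unicode name:
    'CYRILLIC SMALL LETTER A' -> 'CYRILLIC'. Non-letters count as COMMON."""
    if not ch.isalpha():
        return "COMMON"
    name = unicodedata.name(ch, "")
    return name.split(" ", 1)[0] if name else "UNKNOWN"


def scripts_used(label):
    return {script_of(c) for c in label} - {"COMMON"}


def is_mixed_script(label):
    """Mixed-script labels are the classic homoglyph attack; single-script
    labels can still be confusable, which skeleton() covers."""
    return len(scripts_used(label)) > 1


def skeleton(label):
    """Comparison form: compatibility normalization, then map known
    confusables to their Latin look-alikes, then case-fold."""
    normalized = unicodedata.normalize("NFKC", label)
    return "".join(CONFUSABLES.get(c, c) for c in normalized).casefold()


def looks_like(label, trusted):
    """True when label is not the trusted identifier but would render the same."""
    return label != trusted and skeleton(label) == skeleton(trusted)


def display_for_user(hostname):
    """Show non-ASCII or mixed-script names in their ASCII (punycode) form so
    the user sees xn--... instead of a visually identical string."""
    if hostname.isascii() and not is_mixed_script(hostname):
        return hostname
    return hostname.encode("idna").decode("ascii")
```

Script detection by Unicode name prefix is a heuristic that is good enough for Latin/Cyrillic/Greek confusion; a production implementation should use the Unicode Script property and the full confusables data, and should apply the same skeleton comparison to user names, package names and certificate subjects, not only to host names.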
The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.
abstraction Base
status Incomplete
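Worked example covering three of the web-client entries above (the permissive cross-domain policy, the sensitive cookie without HttpOnly, and unrestricted framing), added as illustration and not part of the CWE entries. It audits the headers of one HTTP response: it parses the Content-Security-Policy value and flags sources in default-src, script-src and connect-src that are wildcards, bare schemes, unsafe keywords or hosts outside an allowlist; it reports the absence of both frame-ancestors and X-Frame-Options; and it reports Set-Cookie values lacking HttpOnly. The TRUSTED_HOSTS set and both sample responses are constructed for the example.

```python
# Constructed allowlist of hosts the web client may load code from or talk to.
TRUSTED_HOSTS = {"example.com", "cdn.example.com"}


def parse_csp(value):
    """Split a Content-Security-Policy value into {directive: [source, ...]}."""
    policy = {}
    for directive in value.split(";"):
        tokens = directive.split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy


def host_of(source):
    """Host part of a CSP host-source such as https://cdn.example.com:443/js/,
    with a leading '*.' wildcard label removed."""
    s = source.lower()
    if "://" in s:
        s = s.split("://", 1)[1]
    s = s.split("/", 1)[0]
    if ":" in s and s.rsplit(":", 1)[1].isdigit():
        s = s.rsplit(":", 1)[0]
    return s[2:] if s.startswith("*.") else s


def untrusted_sources(sources):
    """Sources that let parties outside the allowlist supply content:
    wildcards, bare schemes, unsafe keywords, and hosts not in TRUSTED_HOSTS."""
    bad = []
    for src in sources:
        low = src.lower()
        if low in ("*", "http:", "https:", "data:", "'unsafe-inline'", "'unsafe-eval'"):
            bad.append(src)
        elif low.startswith("'"):
            continue  # 'self', 'none', nonces and hashes do not name a third party
        elif host_of(low) not in TRUSTED_HOSTS:
            bad.append(src)
    return bad


def cookie_findings(set_cookie_values):
    """A cookie set without HttpOnly is readable by any script running in the page."""
    out = []
    for raw in set_cookie_values:
        parts = [p.strip() for p in raw.split(";")]
        name = parts[0].split("=", 1)[0]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        if "httponly" not in attrs:
            out.append(("cookie-no-httponly", name))
    return out


def audit_headers(headers):
    """headers: {lowercase-name: [value, ...]} parsed from one HTTP response.
    Returns a list of (finding, detail) tuples; empty means nothing flagged."""
    findings = []
    csp = headers.get("content-security-policy", [])
    policy = parse_csp(csp[0]) if csp else {}
    for directive in ("default-src", "script-src", "connect-src"):
        for src in untrusted_sources(policy.get(directive, [])):
            findings.append(("csp-untrusted-source", directive + " " + src))
    if "frame-ancestors" not in policy and "x-frame-options" not in headers:
        findings.append(("framing-unrestricted", "no frame-ancestors and no X-Frame-Options"))
    findings.extend(cookie_findings(headers.get("set-cookie", [])))
    return findings


# Constructed responses: one carrying the weaknesses, one corrected.
WEAK_RESPONSE = {
    "content-security-policy": [
        "default-src 'self'; script-src 'self' https://cdn.example.com "
        "https://*.trackers.net 'unsafe-inline'; connect-src *"
    ],
    "set-cookie": ["session=abc123; Path=/; Secure", "theme=dark; Path=/; HttpOnly"],
}

HARDENED_RESPONSE = {
    "content-security-policy": [
        "default-src 'self'; script-src 'self' https://cdn.example.com; "
        "connect-src 'self'; frame-ancestors 'none'"
    ],
    "set-cookie": ["session=abc123; Path=/; Secure; HttpOnly"],
}
```

The audit treats a wildcard subdomain of a trusted host as trusted, which is a judgment call; for a crossdomain.xml or clientaccesspolicy.xml file the equivalent check is a domain="*" attribute or any allow-access-from entry whose domain is not on the allowlist. Only the first CSP header is examined; when several are present the browser enforces all of them, so a complete tool would audit each.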
The web application produces links to untrusted external sites outside of its sphere of control, but it does not properly prevent the external site from modifying security-critical properties of the window.opener object, such as the location property.
abstraction Variant
status Incomplete
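Worked example for the window.opener entry above, added as illustration and not part of the CWE entry. It scans an HTML fragment for anchors that open an external target in a new browsing context (target="_blank") without rel="noopener" or rel="noreferrer", which is the condition under which the opened page receives a window.opener handle and can set opener.location. SITE_HOST and the sample markup are constructed for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

SITE_HOST = "example.com"  # constructed: the application's own host


class OpenerLinkAuditor(HTMLParser):
    """Collects external links opened in a new browsing context without
    rel="noopener" (or "noreferrer", which implies it)."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        a = {k: (v or "") for k, v in attrs}
        if a.get("target", "").lower() != "_blank":
            return  # same-tab navigation creates no window.opener in the target
        href = a.get("href", "")
        host = urlsplit(href).hostname
        if host is None or host == SITE_HOST or host.endswith("." + SITE_HOST):
            return  # inside the sphere of control (relative or same-site link)
        rel = set(a.get("rel", "").lower().split())
        if not rel & {"noopener", "noreferrer"}:
            self.findings.append(href)


def find_unsafe_external_links(html):
    parser = OpenerLinkAuditor()
    parser.feed(html)
    return parser.findings


def harden_anchor(attrs):
    """Return the attribute dict with the opener relationship severed."""
    fixed = dict(attrs)
    if fixed.get("target", "").lower() == "_blank":
        rel = set(fixed.get("rel", "").split())
        rel.add("noopener")
        fixed["rel"] = " ".join(sorted(rel))
    return fixed


# Constructed page fragment for the example.
SAMPLE_HTML = """
<a href="https://partner.invalid/report" target="_blank">partner report</a>
<a href="https://partner.invalid/docs" target="_blank" rel="noopener">docs</a>
<a href="//mirror.invalid/x" target="_blank" rel="noreferrer">mirror</a>
<a href="/account" target="_blank">my account</a>
<a href="https://help.example.com/" target="_blank">help</a>
<a href="https://other.invalid/">same tab</a>
"""
```

Current browsers treat target="_blank" as implying noopener, but links opened through window.open() and older clients do not get that default, so the explicit attribute is still the fix to ship; the same check applies to any server-side or template code that emits links to user-supplied URLs.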
The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.
abstraction Class
status Incomplete
The product performs a comparison between two entities, but the entities are of different, incompatible types that cannot be guaranteed to provide correct results when they are directly compared.
abstraction Base
status Incomplete
The code performs a comparison between two entities, but the comparison examines the wrong factors or characteristics of the entities, which can lead to incorrect results and resultant weaknesses.
abstraction Base
status Incomplete
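Worked example for the three comparison entries above (missing factors, incompatible types, wrong factors), added as illustration and not part of the CWE entries. One authorization decision is written four times: comparing a string claim to an integer column (always False here, possibly always True in a loosely typed language), comparing the organization but not the role, comparing role names lexicographically instead of by privilege rank, and finally comparing every factor in a compatible representation. The Claims and Document types, ROLE_RANK and the sample values are constructed for the example.

```python
from dataclasses import dataclass


@dataclass
class Claims:
    """Constructed: what a decoded bearer token carries. Many token pipelines
    deliver numeric identifiers as JSON strings."""
    sub: str
    org_id: str
    role: str


@dataclass
class Document:
    """Constructed: what the data store returns, with an integer owner column."""
    doc_id: int
    owner_org: int
    min_role: str


ROLE_RANK = {"viewer": 1, "editor": 2, "admin": 3}


def can_read_v1(claims, doc):
    """CWE-1024: str compared with int. In Python this is always False, so
    everyone is denied; in a loosely typed language it may be always True."""
    return claims.org_id == doc.owner_org


def can_read_v2(claims, doc):
    """CWE-1023: the types now agree, but the role is never examined, so any
    member of the organization reads admin-only documents."""
    return int(claims.org_id) == doc.owner_org


def can_read_v3(claims, doc):
    """CWE-1025: compares the wrong characteristic: role names in
    lexicographic order ("viewer" >= "admin" is True) instead of privilege."""
    return int(claims.org_id) == doc.owner_org and claims.role >= doc.min_role


def can_read(claims, doc):
    """Every factor, each converted to a compatible representation first;
    unknown or malformed values fail closed."""
    try:
        org = int(claims.org_id)
    except (TypeError, ValueError):
        return False
    have = ROLE_RANK.get(claims.role)
    need = ROLE_RANK.get(doc.min_role)
    if have is None or need is None:
        return False
    return org == doc.owner_org and have >= need
```

The same pattern applies to comparing certificate identities (subject alternative names, not only the common name), session records (user id and tenant, not only the token value) and file ownership (uid and gid), where a single missing factor turns a check into a bypass.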
The developer builds a security-critical protection mechanism into the software, but the processor optimizes the execution of the program such that the mechanism is removed or modified.
abstraction Base
status Incomplete
The product uses a mechanism that automatically optimizes code, e.g. to improve a characteristic such as performance, but the optimizations can have an unintended side effect that might violate an intended security assumption.
abstraction Class
status Draft
The product uses an automated mechanism such as machine learning to recognize complex data inputs (e.g. image or audio) as a particular concept or category, but it does not properly detect or handle inputs that have been modified or constructed in a way that causes the mechanism to detect a different, incorrect concept.
abstraction Class
status Incomplete
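Worked example for the adversarial-input entry above, added as illustration and not part of the CWE entry. A four-feature linear classifier stands in for an image or audio recognizer; the example constructs a bounded perturbation (each feature moved by at most eps against the gradient of the decision score, the FGSM idea) that flips the label, and then shows one way to handle the weakness: compute the smallest per-feature change that could flip the decision and refuse to act on inputs below a chosen threshold instead of silently returning the wrong concept. The weights, bias and sample input are constructed for the example.

```python
# Constructed toy classifier: a linear model over 4 features with hand-picked
# weights. Real recognizers are deep networks, but the perturbation arithmetic
# is the same: move the input against the gradient of the decision score.
W = [0.9, -0.4, 0.6, -0.2]
B = -0.1


def score(x):
    return sum(w * xi for w, xi in zip(W, x)) + B


def classify(x):
    return "cat" if score(x) > 0 else "dog"


def sign(v):
    return 1.0 if v > 0 else (-1.0 if v < 0 else 0.0)


def adversarial_example(x, eps):
    """FGSM-style step: shift every feature by eps in the direction that
    pushes the score toward the other class. For a linear model the gradient
    of the score is W itself, so the step is -sign(score) * eps * sign(W)."""
    direction = -sign(score(x))
    return [xi + direction * eps * sign(w) for xi, w in zip(x, W)]


def linf_distance(a, b):
    return max(abs(p - q) for p, q in zip(a, b))


def min_flip_radius(x):
    """Smallest per-feature change that can flip a linear decision:
    |score(x)| / ||W||_1. A per-feature change of eps moves the score by at
    most eps * ||W||_1, so below this radius the label is provably stable."""
    return abs(score(x)) / sum(abs(w) for w in W)


def robust_classify(x, required_radius):
    """Handling the weakness: refuse inputs whose label could be flipped by a
    perturbation smaller than what the application considers imperceptible."""
    if min_flip_radius(x) < required_radius:
        return "reject"
    return classify(x)


# Constructed sample input (think of four normalized pixel or audio features).
SAMPLE = [0.5, 0.2, 0.3, 0.1]
```

For SAMPLE the flip radius is about 0.20, so a perturbation of 0.25 per feature changes "cat" to "dog" while one of 0.15 does not. The closed-form radius exists only for linear models; for a neural network the same handling takes the form of certified-robustness bounds or a confidence margin measured under random noise, and the rejection path needs a safe default for the application (human review, a second sensor) rather than just an error.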
The product has multiple functions, methods, procedures, macros, etc. that contain the same code.
abstraction Base
status Incomplete
The code contains a member element that is declared as static (but not final) whose parent class element is not a singleton class - that is, a class element that can be used only once in the 'to' association of a Create action.
abstraction Variant
status Incomplete
The product uses a data element that has an excessively large number of sub-elements with non-primitive data types such as structures or aggregated objects.
abstraction Base
status Incomplete
The product's architecture contains too many - or too few - horizontal layers.
abstraction Base
status Incomplete
A parent class has a virtual destructor method, but the parent has a child class that does not have a virtual destructor.
abstraction Base
status Incomplete
The product creates an immutable text string using string concatenation operations.
abstraction Base
status Incomplete
The product contains modules in which one module has references that cycle back to itself, i.e., there are circular dependencies.
abstraction Base
status Incomplete
The code contains callable control elements that contain an excessively large number of references to other application objects external to the context of the callable, i.e. a Fan-Out value that is excessively large.
abstraction Base
status Incomplete
The product performs a data query with a large number of joins and sub-queries on a large data table.
abstraction Base
status Incomplete
The product has a loop body or loop condition that contains a control element that directly or indirectly consumes platform resources, e.g. messaging, sessions, locks, or file descriptors.
abstraction Base
status Incomplete
The product initializes data using hard-coded values that act as network resource identifiers.
abstraction Base
status Incomplete
The product initializes a data element using a hard-coded literal that is not a simple integer or static constant element.
abstraction Base
status Incomplete
The product does not have documentation that represents how it is designed.
abstraction Base
status Incomplete
The code at one architectural layer invokes code that resides at a deeper layer than the adjacent layer, i.e., the invocation skips at least one layer, and the invoked code is not part of a vertical utility layer that can be referenced from any horizontal layer.
abstraction Base
status Incomplete
The product contains a class with inheritance from more than one concrete class.
abstraction Base
status Incomplete
A named-callable or method control element has a signature that supports a variable (variadic) number of parameters or arguments.
abstraction Base
status Incomplete
The product uses a dedicated, central data manager component as required by design, but it contains code that performs data-access operations that do not use this data manager.
abstraction Base
status Incomplete
The code contains a function or method that operates in a multi-threaded environment but owns an unsafe non-final static storable or member data element.
abstraction Base
status Incomplete
The product does not contain sufficient technical or engineering documentation (whether on paper or in electronic form) that contains descriptions of all the relevant software/hardware elements of the product, such as its usage, structure, architectural components, interfaces, design, implementation, configuration, operation, etc.
abstraction Class
status Incomplete
The product performs too many data queries without using efficient data processing functionality such as stored procedures.
abstraction Base
status Incomplete
The product does not sufficiently hide the internal representation and implementation details of data or methods, which might allow external components or modules to modify data unexpectedly, invoke unexpected functionality, or introduce dependencies that the programmer did not intend.
abstraction Class
status Incomplete
The code has a parent class that contains references to a child class, its methods, or its members.
abstraction Base
status Incomplete
A static code block creates an instance of a class.
abstraction Base
status Incomplete
The product contains a function, subroutine, or method whose signature has an unnecessarily large number of parameters/arguments.
abstraction Base
status Incomplete
The product uses deployed components from application servers, but it also uses low-level functions/methods for management of resources, instead of the API provided by the application server.
abstraction Base
status Incomplete
The product contains a serializable data element that does not have an associated serialization method.
abstraction Base
status Incomplete
The product contains a data query against an SQL table or view that is configured in a way that does not utilize an index and may cause sequential searches to be performed.
abstraction Base
status Incomplete
The implementation of the product is not consistent with the design as described within the relevant documentation.
abstraction Base
status Incomplete
An invokable code block contains an exception handling block that does not contain any code, i.e. is empty.
abstraction Variant
status Incomplete
The product contains a serializable, storable data element such as a field or member, but the data element contains member elements that are not serializable.
abstraction Base
status Incomplete
The source code contains a block that does not contain any code, i.e., the block is empty.
abstraction Base
status Incomplete
The product accesses a data resource through a database without using a connection pooling capability.
abstraction Base
status Incomplete
The product contains a client with a function or method that contains a large number of data accesses/queries that are sent through a data manager, i.e., does not use efficient database capabilities.
abstraction Base
status Incomplete
A class has an inheritance level that is too high, i.e., it has a large number of parent classes.
abstraction Base
status Incomplete
The product performs unconditional control transfer (such as a "goto") in code outside of a branching structure such as a switch block.
abstraction Base
status Incomplete
The product's architecture, source code, design, documentation, or other artifact does not follow required conventions.
abstraction Class
status Incomplete
The code performs a comparison such as an equality test between two float (floating point) values, but it uses comparison operators that do not account for the possibility of loss of precision.
abstraction Variant
status Incomplete
The source code does not follow desired style or formatting for indentation, white space, comments, etc.
abstraction Class
status Incomplete
A parent class contains one or more child classes, but the parent class does not have a virtual destructor method.
abstraction Base
status Incomplete
A source code file has too many lines of code.
abstraction Base
status Incomplete
The code contains a class instance that calls the method or function to delete or destroy itself.
abstraction Base
status Incomplete
The product is intended to manage data access through a particular data manager component such as a relational or non-SQL database, but it contains code that performs data access operations without using that component.
abstraction Base
status Incomplete
A function or method contains too many operations that utilize a data manager or file resource.
abstraction Base
status Incomplete
A function, method, procedure, etc. contains an excessive amount of code that has been commented out within its body.
abstraction Base
status Incomplete
A class contains an unnecessarily large number of children.
abstraction Base
status Incomplete
A class contains a virtual method, but the class does not have a virtual destructor.
abstraction Base
status Incomplete
The code has a synchronous call to a remote resource, but there is no timeout for the call, or the timeout is set to infinite.
abstraction Base
status Incomplete
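Worked example for the timeout entry above, added as illustration and not part of the CWE entry. A local listener that accepts a connection and never answers stands in for a stalled remote service; the timeout-less fetch blocks on it indefinitely (the example only shows this from a helper thread so the demonstration itself does not hang), while the fetch with a deadline on connect and on each read returns a failure the caller can act on. The listener, the request bytes and the function names are constructed for the example.

```python
import socket
import threading


def start_silent_server():
    """Constructed stand-in for a stalled backend: accepts the TCP connection
    and then never sends a byte. Returns (listening socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    held = []

    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return  # listening socket closed
            held.append(conn)  # keep the connection open, answer nothing

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, srv.getsockname()[1]


def fetch_no_timeout(port):
    """The weakness: a blocking read with no deadline. Against the silent
    server this never returns, and every caller thread it captures is lost."""
    with socket.create_connection(("127.0.0.1", port)) as s:
        s.sendall(b"GET / HTTP/1.0\r\n\r\n")
        return s.recv(1024)


def fetch_with_timeout(port, seconds):
    """Deadline on connect and on each read. Returns the response bytes, or
    None when the remote side did not answer in time, so the caller can retry,
    fail over, or report an error instead of hanging."""
    try:
        with socket.create_connection(("127.0.0.1", port), timeout=seconds) as s:
            s.settimeout(seconds)
            s.sendall(b"GET / HTTP/1.0\r\n\r\n")
            return s.recv(1024)
    except socket.timeout:
        return None


def caller_still_stuck(port, wait_seconds):
    """Run the timeout-less fetch in a thread and report whether it is still
    blocked after wait_seconds (True demonstrates the hang without freezing
    the main thread)."""
    t = threading.Thread(target=fetch_no_timeout, args=(port,), daemon=True)
    t.start()
    t.join(wait_seconds)
    return t.is_alive()
```

A per-read timeout bounds the wait for each chunk, not the whole exchange; a slow-drip server can still hold the caller for a long time, so production code also needs an overall deadline (and, in a worker pool, a bounded number of in-flight calls so one stalled dependency cannot exhaust every thread). Higher-level clients expose the same knob, for example the timeout argument of urllib.request.urlopen.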
The product uses a large data table that contains an excessively large number of indices.
abstraction Base
status Incomplete
A method for a class performs an operation that directly accesses a member element from another class.
abstraction Base
status Incomplete
The product contains a method that accesses an object but does not later invoke the element's associated finalize/destructor method.
abstraction Base
status Incomplete
The product uses the same control element across multiple architectural layers.
abstraction Base
status Incomplete
The product uses an unnecessarily complex internal representation for its data structures or interrelationships between those structures.
abstraction Class
status Incomplete
The product contains an index range scan for a large data table, but the scan can cover a large number of rows.
abstraction Base
status Incomplete
The product uses a loop with a control flow condition based on a value that is updated within the body of the loop.
abstraction Base
status Incomplete
The product implements a Singleton design pattern but does not use appropriate locking or other synchronization mechanism to ensure that the singleton class is only instantiated once.
abstraction Variant
status Incomplete
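Worked example for the singleton entry above, added as illustration and not part of the CWE entry. A singleton with a deliberately slow constructor is fetched from several threads released at the same moment: the unlocked check-then-act accessor constructs several instances and hands different callers different objects, while the double-checked-locking accessor constructs exactly one. The Config class and the race() harness are constructed for the example.

```python
import threading
import time


class Config:
    """Constructed singleton whose constructor is slow (simulating reading
    key material or a settings file), which widens the race window."""

    instances_created = 0
    _instance = None
    _lock = threading.Lock()

    def __init__(self):
        time.sleep(0.01)
        Config.instances_created += 1

    @classmethod
    def get_unsafe(cls):
        """Check-then-act with no lock: several threads can observe None
        before any of them finishes constructing, so several instances exist
        and different callers hold different objects."""
        if cls._instance is None:
            cls._instance = cls()
        return cls._instance

    @classmethod
    def get_safe(cls):
        """Double-checked locking: the fast path avoids the lock once the
        instance exists; the second check inside the lock is what prevents
        a second construction."""
        if cls._instance is None:
            with cls._lock:
                if cls._instance is None:
                    cls._instance = cls()
        return cls._instance


def race(getter, threads=8):
    """Reset the singleton, call getter from several threads released
    together, and return (instances constructed, distinct objects handed out)."""
    Config._instance = None
    Config.instances_created = 0
    seen = []
    gate = threading.Barrier(threads)

    def worker():
        gate.wait()
        seen.append(id(getter()))

    pool = [threading.Thread(target=worker) for _ in range(threads)]
    for t in pool:
        t.start()
    for t in pool:
        t.join()
    return Config.instances_created, len(set(seen))
```

The unlocked read in the fast path is safe in CPython because attribute assignment happens under the interpreter lock; in Java or C++ the shared field needs volatile or atomic semantics for the same pattern to be correct, or the language's guaranteed-once initialization should be used instead (a function-local static in C++11, a holder class or enum in Java). The security consequence of the race is that two callers can end up with different configuration, key material or connection state, which is why the entry is classified as a weakness rather than a style issue.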
The product uses a storable data element that does not have all of the associated functions or methods that are necessary to support comparison.
abstraction Base
status Incomplete
The code contains a data element with a pointer that does not have an associated copy or constructor method.
abstraction Base
status Incomplete
The product's code, documentation, or other artifacts do not consistently use the same naming conventions for variables, callables, groups of related callables, I/O capabilities, data types, file names, or similar types of elements.
abstraction Base
status Incomplete
The product or code does not isolate system-dependent functionality into separate standalone modules.
abstraction Base
status Incomplete
The product uses automatically-generated code that cannot be executed without a specific runtime support component.
abstraction Base
status Incomplete
The code uses a data representation that relies on low-level data representation or constructs that may vary across different processors, physical machines, OSes, or other physical components.
abstraction Base
status Incomplete
The product relies on third-party components that do not provide equivalent functionality across all desirable platforms.
abstraction Base
status Incomplete
The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.
abstraction Base
status Incomplete
The product or code uses machine-dependent functionality, but it does not sufficiently encapsulate or isolate this functionality from the rest of the code.
abstraction Base
status Incomplete