CWE-184

Overview

CWE ID
184

CWE Name
Incomplete List of Disallowed Inputs

CWE Abstraction
Base

CWE structure
Simple

CWE Status
Draft

Description

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete, le

Extended Description

Developers often try to protect their products against malicious input by performing tests against inputs that are known to be bad, such as special characters that can invoke new commands. However, such lists often only account for the most well-known ba

Related CWEs

CWE ID	View ID	Nature	Ordinal
693	1000	ChildOf	Primary
1023	1000	ChildOf
79	1000	CanPrecede
78	1000	CanPrecede
434	1000	CanPrecede
98	1000	CanPrecede

Related CVEs

CVE
CVE-2018-6383
CVE-2021-21697
CVE-2020-14372
CVE-2018-7489
CVE-2021-1135
CVE-2021-1255
CVE-2021-1133
CVE-2018-5968
CVE-2015-5946
CVE-2019-9212
CVE-2016-6189
CVE-2022-23536
CVE-2018-16863
CVE-2023-29003
CVE-2022-34888
CVE-2017-7525
CVE-2017-15095
CVE-2023-3374
CVE-2023-40037
CVE-2023-23844
CVE-2023-45133
CVE-2023-34252
CVE-2023-34253
CVE-2024-20278
CVE-2024-23336
CVE-2024-28246
CVE-2024-30103
CVE-2023-34252
CVE-2023-34253
CVE-2024-20278
CVE-2024-23336
CVE-2024-28246
CVE-2024-30103
CVE-2024-5217
CVE-2024-5178
CVE-2024-32152
CVE-2024-51745
CVE-2024-52595