Vulnerability Types
What is a Vulnerability
Every Kiuwan rule checks for specific source code “defects” (flaws, faults, bugs and/or improvements) according to the software characteristics addressed by Kiuwan (Efficiency, Maintainability, Portability, Reliability and Security).
...
That’s the reason why you can find non-Security rules in Kiuwan Code Security.
Vulnerability types
Every Vulnerability detected by Kiuwan is classified under a category (i.e. Vulnerability Type).
...
- Buffer handling
- Control flow management
- Design error
- Encryption and randomness
- Error handling and fault isolation
- File handling
- Information leaks
- Initialization and shutdown
- Injection
- Misconfiguration
- Number handling
- Permissions, privileges and access controls
- Pointer and reference handling
- System element isolation
- Other
...
Buffer handling
Improper buffer handling can let attackers crash a system or gain complete control of it. An example would be a buffer overflow that allows an adversary to execute their own code. This type applies mostly to C and C++.
...