VariantIncomplete

CWE-1069Empty Exception Block

Category: other

Description

An invokable code block contains an exception handling block that does not contain any code, i.e. is empty.

Common consequences· 1

  • Other — Reduce Reliability
    When an exception handling block (such as a Catch and Finally block) is used, but that block is empty, this can prevent the product from running reliably. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.

Potential mitigations· 1

  • [Implementation]For every exception block add code that handles the specific exception in the way intended by the application.

References

  1. https://cwe.mitre.org/data/definitions/1069.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Empty Code Block
CWE
Missing Handler
CWE
Return Inside Finally Block
CWE
Uncaught Exception
CWE
Empty Synchronized Block
CWE
Dead Code
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.