ClassIncomplete

CWE-1177Use of Prohibited Code

Category: other

Description

The product uses a function, library, or third party component that has been explicitly prohibited, whether by the developer or the customer.

Common consequences· 1

  • Other — Reduce Maintainability

Potential mitigations· 1

  • [Build and Compilation, Implementation]Identify a list of prohibited API functions and prohibit developers from using these functions, providing safer alternatives. In some cases, automatic code analysis tools or the compiler can be instructed to spot use of prohibited functions, such as the "banned.h" include file from Microsoft's SDL. [REF-554] [REF-1009] [REF-7]

References

  1. https://cwe.mitre.org/data/definitions/1177.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Inclusion of Functionality from Untrusted Control Sphere
CWE
Improper Adherence to Coding Standards
CWE
Use of Low-Level Functionality
CWE
Use of Potentially Dangerous Function
CWE
Exposed Dangerous Method or Function
CWE
Use of Unmaintained Third Party Components
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.