VariantDraft

CWE-456Missing Initialization of a Variable

Category: other

Description

The product does not initialize critical variables, which causes the execution environment to use unexpected values.

Common consequences· 1

  • Integrity / Other — Unexpected State, Quality Degradation, Varies by Context
    The uninitialized data may be invalid, causing logic errors within the program. In some cases, this could result in a security problem.

Potential mitigations· 2

  • [Implementation]Ensure that critical variables are initialized before first use [REF-1485].
  • [Requirements]Choose a language that is not susceptible to these issues.

References

  1. https://cwe.mitre.org/data/definitions/456.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Incorrect Initialization of Resource
CWE
Use of Uninitialized Resource
CWE
Access of Uninitialized Pointer
CWE
Insecure Default Variable Initialization
CWE
Improper Initialization
CWE
Missing Initialization of Resource
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.