Base · Draft

CWE-606: Unchecked Input for Loop Condition

Category: other

Description

The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping.

Common consequences

  • Availability — DoS: Resource Consumption (CPU)

Potential mitigations

  • [Implementation] Do not use user-controlled data for loop conditions.
  • [Implementation] Perform input validation.
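
The weakness and the input-validation mitigation side by side, as an added example that is not part of the CWE entry. The function names, the `MAX_ITEMS` limit and the sample inputs are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_ITEMS 1000L /* assumed application limit, not from the CWE entry */

/* Stand-in for per-iteration work; returns the number of iterations run. */
static long run_loop(long count) {
    volatile long done = 0;
    for (long i = 0; i < count; i++)
        done++;
    return done;
}

/* Weak form: the loop bound is taken from the input with no checks,
 * so the caller decides how much CPU time is spent. */
long process_unchecked(const char *input) {
    return run_loop(atoi(input));
}

/* Checked form: returns iterations performed, or -1 if the input is rejected. */
long process_checked(const char *input) {
    char *end = NULL;
    errno = 0;
    long count = strtol(input, &end, 10);
    if (end == input || *end != '\0')
        return -1; /* empty, or trailing non-digit characters */
    if (errno == ERANGE)
        return -1; /* value does not fit in a long */
    if (count < 0 || count > MAX_ITEMS)
        return -1; /* outside the range the application accepts */
    return run_loop(count);
}

int main(void) {
    /* Constructed sample inputs. */
    const char *samples[] = {"10", "1000", "1001", "2000000000", "-5", "12abc", ""};
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-12s -> %ld\n", samples[i], process_checked(samples[i]));
    return 0;
}
```

The bound is validated once, before the loop starts, and rejection is reported to the caller instead of being clamped silently.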

References

  1. https://cwe.mitre.org/data/definitions/606.html

Related by meaning

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Loop Condition Value Update within the Loop
  • CWE: Improper Validation of Specified Type of Input
  • CWE: Improper Input Validation
  • CWE: Omitted Break Statement in Switch
  • CWE: Incorrect Control Flow Scoping
  • CWE: Improper Handling of Exceptional Conditions

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.