CWE-796: Only Filtering Special Elements Relative to a Marker

The product receives data from an upstream component, but only accounts for special elements positioned relative to a marker (e.g. "at the beginning/end of a string; the second argument"), thereby missing remaining special elements that may exist before sending it to a downstream component.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Variant

Abstraction

MITRE classification

Overview

CWE-796 (Only Filtering Special Elements Relative to a Marker) is a variant-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

CWE-796: Only Filtering Special Elements Relative to a Marker

Overview

Common consequences

How it happens

When it is introduced

Code examples

Frequently asked questions

What is CWE-796?

What are the consequences of CWE-796?

References

Stay ahead of CWE-796

Overview

Common consequences

How it happens

When it is introduced

Code examples

Related weaknesses

Parent

Frequently asked questions

What is CWE-796?

What are the consequences of CWE-796?

References

Stay ahead of CWE-796