CWE-797: Only Filtering Special Elements at an Absolute Position

The product receives data from an upstream component, but only accounts for special elements at an absolute position (e.g. "byte number 10"), thereby missing remaining special elements that may exist before sending it to a downstream component.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Variant

Abstraction

MITRE classification

Overview

CWE-797 (Only Filtering Special Elements at an Absolute Position) is a variant-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

CWE-797: Only Filtering Special Elements at an Absolute Position

Overview

Common consequences

How it happens

When it is introduced

Code examples

Frequently asked questions

What is CWE-797?

What are the consequences of CWE-797?

References

Stay ahead of CWE-797

Overview

Common consequences

How it happens

When it is introduced

Code examples

Related weaknesses

Parent

Frequently asked questions

What is CWE-797?

What are the consequences of CWE-797?

References

Stay ahead of CWE-797