Statements (14)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:bfsLayer |
6
|
| gptkbp:bfsParent |
gptkb:CWE-23
gptkb:CWE-74 |
| gptkbp:category |
Input Validation and Representation
|
| gptkbp:example |
Using user input directly in printf without validation.
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-134
|
| gptkbp:impact |
Potential for code execution or information disclosure.
|
| gptkbp:is_described_as |
The software uses a format string that is controlled by an external entity.
|
| gptkbp:is_protected_by |
Validate and sanitize all user inputs.
|
| gptkbp:is_referenced_in |
https://cwe.mitre.org/data/definitions/134.html
|
| gptkbp:name |
Use of Externally-Controlled Format String
|
| gptkbp:related_to |
gptkb:CWE-20
CWE-78 |