CWE-625Permissive Regular Expression

PUBLISHEDweakness record
released 2007-05-07 · last modified 2023-06-29

Metadata

CWE ID:
CWE-625
摘要:
Base
结构:
Simple
状态:
Draft
发布日期:
2007-05-07
更新日期:
2023-06-29

名称

Permissive Regular Expression

描述

The product uses a regular expression that does not sufficiently restrict the set of allowed values.

This effectively causes the regexp to accept substrings that match the pattern, which produces a partial comparison to the target. In some cases, this can lead to other weaknesses. Common errors include:

常见后果

范围:
Access Control
影响:
Bypass Protection Mechanism

相关 CWE