CWE-625—Permissive Regular Expression
PUBLISHEDweakness record
released 2007-05-07 · last modified 2023-06-29
Metadata
名称
Permissive Regular Expression
描述
The product uses a regular expression that does not sufficiently restrict the set of allowed values.
This effectively causes the regexp to accept substrings that match the pattern, which produces a partial comparison to the target. In some cases, this can lead to other weaknesses. Common errors include: