CWE-compatibility claim coverage for the Julia analyzer   as of Julia version 2.6.0 (built on 6 Sep 2018) and CWE List version 2.9

The following is the list of CWE identifiers covered by the Julia analyzer and associated warnings.





CWE22




CWE74

  • AddressInjectionIntoFieldWarning  [from checker BasicInjection]
  • AddressInjectionWarning  [from checker BasicInjection]
  • ControlInjectionIntoFieldWarning  [from checker BasicInjection]
  • ControlInjectionWarning  [from checker BasicInjection]
  • DOSInjectionIntoFieldWarning  [from checker BasicInjection]
  • DOSInjectionWarning  [from checker BasicInjection]
  • DeviceInjectionIntoFieldWarning  [from checker BasicInjection]
  • DeviceInjectionWarning  [from checker BasicInjection]
  • GenericInjectionIntoFieldWarning  [from checker BasicInjection]
  • GenericInjectionWarning  [from checker BasicInjection]
  • ResourceInjectionIntoFieldWarning  [from checker BasicInjection]
  • ResourceInjectionWarning  [from checker BasicInjection]
  • URLInjectionIntoFieldWarning  [from checker BasicInjection]
  • URLInjectionWarning  [from checker BasicInjection]
  • AddressInjectionIntoFieldWarning  [from checker Injection]
  • AddressInjectionWarning  [from checker Injection]
  • ControlInjectionIntoFieldWarning  [from checker Injection]
  • ControlInjectionWarning  [from checker Injection]
  • DOSInjectionIntoFieldWarning  [from checker Injection]
  • DOSInjectionWarning  [from checker Injection]
  • DeviceInjectionIntoFieldWarning  [from checker Injection]
  • DeviceInjectionWarning  [from checker Injection]
  • GenericInjectionIntoFieldWarning  [from checker Injection]
  • GenericInjectionWarning  [from checker Injection]
  • ResourceInjectionIntoFieldWarning  [from checker Injection]
  • ResourceInjectionWarning  [from checker Injection]
  • URLInjectionIntoFieldWarning  [from checker Injection]
  • URLInjectionWarning  [from checker Injection]



CWE78

  • CommandInjectionIntoFieldWarning  [from checker BasicInjection]
  • CommandInjectionWarning  [from checker BasicInjection]
  • CommandInjectionIntoFieldWarning  [from checker Injection]
  • CommandInjectionWarning  [from checker Injection]



CWE79




CWE89




CWE90

  • LDAPAttributeInjectionIntoFieldWarning  [from checker BasicInjection]
  • LDAPAttributeInjectionWarning  [from checker BasicInjection]
  • LDAPFilterInjectionIntoFieldWarning  [from checker BasicInjection]
  • LDAPFilterInjectionWarning  [from checker BasicInjection]
  • LDAPAttributeInjectionIntoFieldWarning  [from checker Injection]
  • LDAPAttributeInjectionWarning  [from checker Injection]
  • LDAPFilterInjectionIntoFieldWarning  [from checker Injection]
  • LDAPFilterInjectionWarning  [from checker Injection]



CWE94




CWE95

  • EvalInjectionIntoFieldWarning  [from checker Injection]
  • EvalInjectionWarning  [from checker Injection]



CWE113

  • HttpResponseInjectionIntoFieldWarning  [from checker BasicInjection]
  • HttpResponseSplittingWarning  [from checker BasicInjection]
  • HttpResponseInjectionIntoFieldWarning  [from checker Injection]
  • HttpResponseSplittingWarning  [from checker Injection]



CWE117




CWE187

  • SuspiciousInheritanceOfEqualsWarning  [from checker EqualsHashCode]



CWE190

  • CastIntComputationIntoLongWarning  [from checker Approximation]



CWE197




CWE227




CWE252




CWE253

  • DereferenceOfReturnValueWithoutCheckWarning  [from checker BasicNullness]
  • UselessNullnessTestOfMethodReturnWarning  [from checker Nullness]



CWE259

  • HardcodedPasswordWarning  [from checker Passwords]



CWE287




CWE319

  • MessageInjectionIntoFieldWarning  [from checker BasicInjection]
  • MessageInjectionWarning  [from checker BasicInjection]
  • MessageInjectionIntoFieldWarning  [from checker Injection]
  • MessageInjectionWarning  [from checker Injection]



CWE326

  • InsecureKeyDerivationFunctionWarning  [from checker Cryptography]



CWE327

  • RiskyCryptographicAlgorithmWarning  [from checker Cryptography]
  • UnsafeBase64EncodingWarning  [from checker Cryptography]



CWE328




CWE330

  • InsecureRandomWarning  [from checker Random]



CWE332

  • SuboptimalRandomNumberWarning  [from checker Random]



CWE349

  • LDAPPoisoningWarning  [from checker Ldap]



CWE359

  • LeakageOfPrivateDataThroughFieldUnknownSourceWarning  [from checker Gdpr]
  • LeakageOfPrivateDataThroughFieldWarning  [from checker Gdpr]
  • LeakageOfPrivateDataThroughParameterUnknownSourceWarning  [from checker Gdpr]
  • LeakageOfPrivateDataThroughParameterWarning  [from checker Gdpr]



CWE390




CWE392




CWE395




CWE396




CWE397




CWE398

  • RedundantImplementsWarning  [from checker BadExtension]
  • UselessClasscastWarning  [from checker Classcast]
  • FieldNeverUsedWarning  [from checker FieldAccess]
  • UselessNullnessTestOfFieldWarning  [from checker Nullness]
  • UselessNullnessTestOfFormalWarning  [from checker Nullness]
  • UselessNullnessTestWarning  [from checker Nullness]
  • SetStaticInNonStaticWarning  [from checker StaticFieldAccess]
  • UnusedClassWarning  [from checker UnusedClass]
  • UselessCallWarning  [from checker UselessCall]
  • UselessTestWarning  [from checker UselessTest]



CWE400




CWE412

  • SynchronisationOnInternedStringWarning  [from checker Concurrency]



CWE413

  • ExpensiveSynchronizationOnStaticWarning  [from checker Concurrency]
  • ImpossibleClientSideLockingWarning  [from checker Concurrency]



CWE440

  • CallToToStringOnArrayWarning  [from checker CallsOnArray]



CWE456




CWE470

  • ReflectionInjectionIntoFieldWarning  [from checker BasicInjection]
  • ReflectionInjectionWarning  [from checker BasicInjection]
  • ReflectionInjectionIntoFieldWarning  [from checker Injection]
  • ReflectionInjectionWarning  [from checker Injection]



CWE476

  • ActualNullWarning  [from checker BasicNullness]
  • ArrayLengthOfNullWarning  [from checker BasicNullness]
  • ArrayLoadFromNullWarning  [from checker BasicNullness]
  • ArrayStoreIntoNullWarning  [from checker BasicNullness]
  • CallOnNullWarning  [from checker BasicNullness]
  • FormalNullWarning  [from checker BasicNullness]
  • GetFieldFromNullWarning  [from checker BasicNullness]
  • PutFieldIntoNullWarning  [from checker BasicNullness]
  • ReturningNullForArrayWarning  [from checker BasicNullness]
  • ReturningNullForBooleanWarning  [from checker BasicNullness]
  • ReturningNullForOptionalWarning  [from checker BasicNullness]
  • SynchronizationOnNullWarning  [from checker BasicNullness]
  • ThrowOfNullWarning  [from checker BasicNullness]
  • ActualInnerNullWarning  [from checker Nullness]
  • ActualNullWarning  [from checker Nullness]
  • ArrayLengthOfNullWarning  [from checker Nullness]
  • ArrayLoadFromNullWarning  [from checker Nullness]
  • ArrayStoreIntoNullWarning  [from checker Nullness]
  • CallOnNullWarning  [from checker Nullness]
  • FieldInnerNullWarning  [from checker Nullness]
  • FieldNullWarning  [from checker Nullness]
  • FormalInnerNullWarning  [from checker Nullness]
  • FormalNullWarning  [from checker Nullness]
  • GetFieldFromNullWarning  [from checker Nullness]
  • MethodReturnsInnerNullWarning  [from checker Nullness]
  • MethodReturnsNullWarning  [from checker Nullness]
  • PutFieldIntoNullWarning  [from checker Nullness]
  • SynchronizationOnNullWarning  [from checker Nullness]
  • ThrowOfNullWarning  [from checker Nullness]



CWE477

  • InadequateCallInProductionWarning  [from checker Production]
  • UseLogInsteadWarning  [from checker Production]



CWE480

  • EqualsWarning  [from checker BadEq]
  • ANDAgainstConstantWarning  [from checker ShortCircuit]
  • InefficientSameValueANDWarning  [from checker ShortCircuit]
  • InefficientSameValueORWarning  [from checker ShortCircuit]
  • ORAgainstConstantWarning  [from checker ShortCircuit]



CWE481

  • AssigningInsteadOfComparingWarning  [from checker BadEq]



CWE485




CWE491

  • CloneForNonCloneableWarning  [from checker Clone]
  • NonFinalCloneMethodWarning  [from checker Clone]
  • SubclassesMayBeClonedWarning  [from checker Clone]



CWE492

  • InnerClassShouldBeStaticWarning  [from checker InnerClasses]



CWE501

  • SessionInjectionIntoFieldWarning  [from checker BasicInjection]
  • SessionInjectionWarning  [from checker BasicInjection]
  • TrustBoundaryViolationIntoFieldWarning  [from checker BasicInjection]
  • TrustBoundaryViolationWarning  [from checker BasicInjection]
  • SessionInjectionIntoFieldWarning  [from checker Injection]
  • SessionInjectionWarning  [from checker Injection]
  • TrustBoundaryViolationIntoFieldWarning  [from checker Injection]
  • TrustBoundaryViolationWarning  [from checker Injection]



CWE522

  • PasswordInPropertyFileWarning  [from checker Passwords]



CWE547

  • HardcodedFileNameWarning  [from checker Resources]



CWE561

  • ClassNeverInstantiatedWarning  [from checker Deadcode]
  • UncalledWarning  [from checker Deadcode]
  • UnreachableInstructionWarning  [from checker Deadcode]



CWE563




CWE567

  • VolatileArrayFieldWarning  [from checker Concurrency]
  • VolatileContainerFieldWarning  [from checker Concurrency]
  • MissingSynchronizedWarning  [from checker GuardedBy]
  • UnguardedFieldWarning  [from checker GuardedBy]
  • UnguardedParameterWarning  [from checker GuardedBy]



CWE570




CWE571




CWE572

  • SynchronousCallToThreadBodyWarning  [from checker Concurrency]



CWE573

  • CallSuperWarning  [from checker CallSuper]



CWE581




CWE585

  • UselessSynchronizationWarning  [from checker Concurrency]



CWE595

  • EqualityWarning  [from checker BadEq]
  • EqualsOnArraysWarning  [from checker BadEq]
  • ImpossibleEqualityWarning  [from checker BadEq]



CWE596

  • EqualsOnDisjointTypesWarning  [from checker BadEq]
  • ImpossibleEqualsWarning  [from checker BadEq]
  • AsymmetricalCompareToWarning  [from checker CompareTo]
  • CompareToInconsistentWithEqualsWarning  [from checker CompareTo]
  • CompareToWithDefaultEqualsWarning  [from checker CompareTo]



CWE597

  • InefficientStringEmptynessTestWarning  [from checker BadEq]



CWE607




CWE609

  • UnsafeLazyInitialisationWarning  [from checker Concurrency]



CWE611

  • XXEAttackWarning  [from checker Xxe]



CWE614

  • InsecureCookieWarning  [from checker Cookie]
  • PossibleInsecureCookieCreationWarning  [from checker Cookie]



CWE628




CWE643




CWE662

  • UselessVolatileModifierWarning  [from checker Concurrency]



CWE664

  • LeakThroughCallbackFieldWarning  [from checker Leak]
  • LeakThroughCallbackWarning  [from checker Leak]
  • LeakThroughFieldWarning  [from checker Leak]
  • LeakThroughInnerClass  [from checker Leak]



CWE665




CWE674




CWE682




CWE686




CWE704

  • ArrayStoreWarning  [from checker Classcast]
  • ClasscastGenericWarning  [from checker Classcast]
  • ClasscastOfFieldWarning  [from checker Classcast]
  • ClasscastOfFormalWarning  [from checker Classcast]
  • ClasscastOfMethodReturnWarning  [from checker Classcast]



CWE768




CWE771




CWE772

  • ResourceNotClosedAtEndOfMethodWarning  [from checker CloseResource]
  • FieldNeverReadWarning  [from checker FieldAccess]
  • FieldIsOnlyUsedInConstructorsWarning  [from checker ImproperField]
  • FieldIsOnlyUsedInStaticInitialiserWarning  [from checker ImproperField]
  • FieldShouldBeReplacedByLocalsWarning  [from checker ImproperField]



CWE820

  • UnguardedMethodOrConstructorWarning  [from checker GuardedBy]



CWE833

  • BlockingCallInsideSynchronizationWarning  [from checker Concurrency]



CWE909

  • EmptyJarEntryWarning  [from checker Zip]
  • EmptyZipEntryWarning  [from checker Zip]



CWE913

  • MissingSerialVersionFieldWarning  [from checker Serialization]
  • NonSerializableElementsOfFieldWarning  [from checker Serialization]
  • NonSerializableFieldWarning  [from checker Serialization]
  • NonSerializableOuterClassWarning  [from checker Serialization]
  • UnexpectedSerialVersionFieldWarning  [from checker Serialization]