CWE-compatibility claim coverage for the Julia analyzer   as of Julia version 2.4 (built on 23 Oct 2017) and CWE List version 2.9

The following is the list of CWE identifiers covered by the Julia analyzer and associated warnings.





CWE22




CWE74

  • ControlInjectionIntoFieldWarning  [from checker BasicInjection]
  • ControlInjectionWarning  [from checker BasicInjection]
  • DOSInjectionIntoFieldWarning  [from checker BasicInjection]
  • DOSInjectionWarning  [from checker BasicInjection]
  • GenericInjectionIntoFieldWarning  [from checker BasicInjection]
  • GenericInjectionWarning  [from checker BasicInjection]
  • ResourceInjectionIntoFieldWarning  [from checker BasicInjection]
  • ResourceInjectionWarning  [from checker BasicInjection]
  • URLInjectionIntoFieldWarning  [from checker BasicInjection]
  • URLInjectionWarning  [from checker BasicInjection]
  • ControlInjectionIntoFieldWarning  [from checker Injection]
  • ControlInjectionWarning  [from checker Injection]
  • DOSInjectionIntoFieldWarning  [from checker Injection]
  • DOSInjectionWarning  [from checker Injection]
  • GenericInjectionIntoFieldWarning  [from checker Injection]
  • GenericInjectionWarning  [from checker Injection]
  • ResourceInjectionIntoFieldWarning  [from checker Injection]
  • ResourceInjectionWarning  [from checker Injection]
  • URLInjectionIntoFieldWarning  [from checker Injection]
  • URLInjectionWarning  [from checker Injection]



CWE78

  • CommandInjectionIntoFieldWarning  [from checker BasicInjection]
  • CommandInjectionWarning  [from checker BasicInjection]
  • CommandInjectionIntoFieldWarning  [from checker Injection]
  • CommandInjectionWarning  [from checker Injection]



CWE79




CWE89




CWE90

  • LDAPAttributeInjectionIntoFieldWarning  [from checker BasicInjection]
  • LDAPAttributeInjectionWarning  [from checker BasicInjection]
  • LDAPFilterInjectionIntoFieldWarning  [from checker BasicInjection]
  • LDAPFilterInjectionWarning  [from checker BasicInjection]
  • LDAPAttributeInjectionIntoFieldWarning  [from checker Injection]
  • LDAPAttributeInjectionWarning  [from checker Injection]
  • LDAPFilterInjectionIntoFieldWarning  [from checker Injection]
  • LDAPFilterInjectionWarning  [from checker Injection]



CWE94




CWE95

  • EvalInjectionIntoFieldWarning  [from checker Injection]
  • EvalInjectionWarning  [from checker Injection]



CWE113

  • HttpResponseInjectionIntoFieldWarning  [from checker BasicInjection]
  • HttpResponseSplittingWarning  [from checker BasicInjection]
  • HttpResponseInjectionIntoFieldWarning  [from checker Injection]
  • HttpResponseSplittingWarning  [from checker Injection]



CWE117




CWE125

  • ArrayReadOutOfBoundsWarning  [from checker Termination]



CWE187

  • SuspiciousInheritanceOfEqualsWarning  [from checker EqualsHashCode]



CWE190

  • CastIntComputationIntoLongWarning  [from checker Approximation]



CWE197




CWE227




CWE242

  • CallToToStringOnArrayWarning  [from checker CallsOnArray]



CWE252

  • MissingNullnessCheckOfReturnedValueWarning  [from checker BasicNullness]



CWE253

  • DereferenceOfReturnValueWithoutCheckWarning  [from checker BasicNullness]
  • UselessNullnessTestOfMethodReturnWarning  [from checker Nullness]
  • ReturnValueShouldBeUsedWarning  [from checker UnusedReturnValue]



CWE259

  • HardcodedPasswordWarning  [from checker Passwords]



CWE287




CWE319

  • MessageInjectionIntoFieldWarning  [from checker BasicInjection]
  • MessageInjectionWarning  [from checker BasicInjection]
  • MessageInjectionIntoFieldWarning  [from checker Injection]
  • MessageInjectionWarning  [from checker Injection]



CWE327

  • RiskyCryptographicAlgorithmWarning  [from checker Cryptography]
  • UnsafeBase64EncodingWarning  [from checker Cryptography]



CWE328




CWE330

  • InsecureRandomWarning  [from checker Random]



CWE332

  • SuboptimalRandomNumberWarning  [from checker Random]



CWE349

  • LDAPPoisoningWarning  [from checker Ldap]



CWE390




CWE392




CWE395




CWE396




CWE397




CWE398

  • RedundantImplementsWarning  [from checker BadExtension]
  • UselessClasscastWarning  [from checker Classcast]
  • FieldNeverUsedWarning  [from checker FieldAccess]
  • UselessNullnessTestOfFieldWarning  [from checker Nullness]
  • UselessNullnessTestOfFormalWarning  [from checker Nullness]
  • UselessNullnessTestWarning  [from checker Nullness]
  • SetStaticInNonStaticWarning  [from checker StaticFieldAccess]
  • UnusedClassWarning  [from checker UnusedClass]
  • UselessCallWarning  [from checker UselessCall]
  • UselessTestWarning  [from checker UselessTest]



CWE400




CWE412

  • SynchronisationOnInternedStringWarning  [from checker Concurrency]



CWE413

  • ExpensiveSynchronizationOnStaticWarning  [from checker Concurrency]



CWE456




CWE470

  • ReflectionInjectionIntoFieldWarning  [from checker BasicInjection]
  • ReflectionInjectionWarning  [from checker BasicInjection]
  • ReflectionInjectionIntoFieldWarning  [from checker Injection]
  • ReflectionInjectionWarning  [from checker Injection]



CWE476

  • ActualNullWarning  [from checker BasicNullness]
  • ArrayLengthOfNullWarning  [from checker BasicNullness]
  • ArrayLoadFromNullWarning  [from checker BasicNullness]
  • ArrayStoreIntoNullWarning  [from checker BasicNullness]
  • CallOnNullWarning  [from checker BasicNullness]
  • FormalNullWarning  [from checker BasicNullness]
  • GetFieldFromNullWarning  [from checker BasicNullness]
  • PutFieldIntoNullWarning  [from checker BasicNullness]
  • ReturningNullForArrayWarning  [from checker BasicNullness]
  • ReturningNullForBooleanWarning  [from checker BasicNullness]
  • ReturningNullForOptionalWarning  [from checker BasicNullness]
  • SynchronizationOnNullWarning  [from checker BasicNullness]
  • ThrowOfNullWarning  [from checker BasicNullness]
  • ActualInnerNullWarning  [from checker Nullness]
  • ActualNullWarning  [from checker Nullness]
  • ArrayLengthOfNullWarning  [from checker Nullness]
  • ArrayLoadFromNullWarning  [from checker Nullness]
  • ArrayStoreIntoNullWarning  [from checker Nullness]
  • CallOnNullWarning  [from checker Nullness]
  • FieldInnerNullWarning  [from checker Nullness]
  • FieldNullWarning  [from checker Nullness]
  • FormalInnerNullWarning  [from checker Nullness]
  • FormalNullWarning  [from checker Nullness]
  • GetFieldFromNullWarning  [from checker Nullness]
  • MethodReturnsInnerNullWarning  [from checker Nullness]
  • MethodReturnsNullWarning  [from checker Nullness]
  • PutFieldIntoNullWarning  [from checker Nullness]
  • SynchronizationOnNullWarning  [from checker Nullness]
  • ThrowOfNullWarning  [from checker Nullness]



CWE477

  • InadequateCallInProductionWarning  [from checker Production]
  • UseLogInsteadWarning  [from checker Production]



CWE480

  • EqualsWarning  [from checker BadEq]
  • ANDAgainstConstantWarning  [from checker ShortCircuit]
  • InefficientSameValueANDWarning  [from checker ShortCircuit]
  • InefficientSameValueORWarning  [from checker ShortCircuit]
  • ORAgainstConstantWarning  [from checker ShortCircuit]



CWE481

  • AssigningInsteadOfComparingWarning  [from checker BadEq]



CWE485




CWE491

  • CloneForNonCloneableWarning  [from checker Clone]
  • SubclassesMayBeClonedWarning  [from checker Clone]



CWE492

  • InnerClassShouldBeStaticWarning  [from checker InnerClasses]



CWE501

  • SessionInjectionIntoFieldWarning  [from checker BasicInjection]
  • SessionInjectionWarning  [from checker BasicInjection]
  • TrustBoundaryViolationIntoFieldWarning  [from checker BasicInjection]
  • TrustBoundaryViolationWarning  [from checker BasicInjection]
  • SessionInjectionIntoFieldWarning  [from checker Injection]
  • SessionInjectionWarning  [from checker Injection]
  • TrustBoundaryViolationIntoFieldWarning  [from checker Injection]
  • TrustBoundaryViolationWarning  [from checker Injection]



CWE522

  • PasswordInPropertyFileWarning  [from checker Passwords]



CWE547

  • HardcodedFileNameWarning  [from checker Resources]



CWE561

  • ClassNeverInstantiatedWarning  [from checker Deadcode]
  • UncalledWarning  [from checker Deadcode]
  • UnreachableInstructionWarning  [from checker Deadcode]



CWE563




CWE567

  • VolatileArrayFieldWarning  [from checker Concurrency]
  • VolatileContainerFieldWarning  [from checker Concurrency]
  • MissingSynchronizedWarning  [from checker GuardedBy]
  • UnguardedFieldWarning  [from checker GuardedBy]
  • UnguardedParameterWarning  [from checker GuardedBy]



CWE570




CWE571




CWE572

  • SynchronousCallToThreadBodyWarning  [from checker Concurrency]



CWE573

  • CallSuperWarning  [from checker CallSuper]



CWE581




CWE585

  • UselessSynchronizationWarning  [from checker Concurrency]



CWE595

  • EqualityWarning  [from checker BadEq]
  • EqualsOnArraysWarning  [from checker BadEq]
  • ImpossibleEqualityWarning  [from checker BadEq]



CWE596

  • EqualsOnDisjointTypesWarning  [from checker BadEq]
  • ImpossibleEqualsWarning  [from checker BadEq]
  • AsymmetricalCompareToWarning  [from checker CompareTo]
  • CompareToInconsistentWithEqualsWarning  [from checker CompareTo]
  • CompareToWithDefaultEqualsWarning  [from checker CompareTo]



CWE597

  • InefficientStringEmptynessTestWarning  [from checker BadEq]



CWE607




CWE609

  • UnsafeLazyInitialisationWarning  [from checker Concurrency]



CWE611

  • XXEAttackWarning  [from checker Xxe]



CWE614

  • InsecureCookieWarning  [from checker Cookie]



CWE628




CWE643




CWE662

  • UselessVolatileModifierWarning  [from checker Concurrency]



CWE664

  • LeakThroughCallbackFieldWarning  [from checker Leak]
  • LeakThroughCallbackWarning  [from checker Leak]
  • LeakThroughFieldWarning  [from checker Leak]



CWE665




CWE674




CWE682




CWE686




CWE704

  • ArrayStoreWarning  [from checker Classcast]
  • ClasscastGenericWarning  [from checker Classcast]
  • ClasscastOfFieldWarning  [from checker Classcast]
  • ClasscastOfFormalWarning  [from checker Classcast]
  • ClasscastOfMethodReturnWarning  [from checker Classcast]



CWE768




CWE771




CWE772

  • ResourceNotClosedAtEndOfMethodWarning  [from checker CloseResource]
  • FieldNeverReadWarning  [from checker FieldAccess]
  • FieldIsOnlyUsedInConstructorsWarning  [from checker ImproperField]
  • FieldIsOnlyUsedInStaticInitialiserWarning  [from checker ImproperField]
  • FieldShouldBeReplacedByLocalsWarning  [from checker ImproperField]



CWE787

  • ArrayWriteOutOfBoundsWarning  [from checker Termination]



CWE820

  • UnguardedMethodOrConstructorWarning  [from checker GuardedBy]



CWE833

  • BlockingCallInsideSynchronizationWarning  [from checker Concurrency]



CWE835

  • DefiniteDivergenceWarning  [from checker Termination]
  • PossibleDivergenceWarning  [from checker Termination]



CWE909

  • EmptyJarEntryWarning  [from checker Zip]
  • EmptyZipEntryWarning  [from checker Zip]



CWE913

  • MissingSerialVersionFieldWarning  [from checker Serialization]
  • NonSerializableElementsOfFieldWarning  [from checker Serialization]
  • NonSerializableFieldWarning  [from checker Serialization]
  • NonSerializableOuterClassWarning  [from checker Serialization]
  • UnexpectedSerialVersionFieldWarning  [from checker Serialization]