C/C++
Note: The legacy Mend SAST Application was deprecated on April 1st, 2025. For assistance with migrating to the Mend AppSec Platform, please contact your customer success manager or the success team at success@mend.io.
In this article, we cover C/C++ support and vulnerability detection for Mend SAST.
Note: C/C++ support is currently in beta.
Mend SAST-supported C/C++ file types
File Type |
---|
.c |
.cc |
.cpp |
.h |
Mend SAST-supported C/C++ frameworks
Framework |
---|
IBM DB2 |
Mend SAST-supported C/C++ vulnerability types
The C/C++ vulnerability types detected by SAST are listed below, grouped by severity and ordered by CWE ID within each severity.
C/C++ high-severity vulnerability types
CWE | Vulnerability Type |
---|---|
CWE-22 | Path/Directory Traversal |
CWE-78 | Command Injection |
CWE-89 | SQL Injection |
CWE-121 | Buffer Overflow |
CWE-134 | Uncontrolled Format String |
CWE-190 | Integer Overflow |
CWE-415 | Double Free |
CWE-416 | Use After Free |
CWE-787 | Out of Buffer Bounds Write |
C/C++ medium-severity vulnerability types
CWE | Vulnerability Type |
---|---|
CWE-90 | LDAP Injection |
CWE-125 | Out of Buffer Bounds Read |
CWE-191 | Integer Underflow |
CWE-244 | Heap Inspection |
CWE-367 | Time of Check Time of Use |
CWE-676 | Miscellaneous Dangerous Functions |
C/C++ low-severity vulnerability types
CWE | Vulnerability Type |
---|---|
CWE-114 | Arbitrary Library Injection |
CWE-242 | Use of Inherently Dangerous Function |
CWE-369 | Divide By Zero |
CWE-789 | Uncontrolled Memory Allocation |