In this article, we cover C/C++ support and vulnerability detection for Mend SAST.
Mend SAST-supported C/C++ file types
| File Type |
|---|
| .c |
| .cc |
| .cpp |
| .h |
Mend SAST-supported C/C++ frameworks
| Framework |
|---|
| IBM DB2 |
Mend SAST-supported C/C++ vulnerability types
The C/C++ vulnerability types that Mend SAST detects are listed below, grouped by severity and ordered by CWE ID within each severity.
C/C++ high-severity vulnerability types
| CWE | Vulnerability Type |
|---|---|
| CWE-22 | Path/Directory Traversal |
| CWE-78 | Command Injection |
| CWE-89 | SQL Injection |
| CWE-121 | Buffer Overflow |
| CWE-134 | Uncontrolled Format String |
| CWE-190 | Integer Overflow |
| CWE-415 | Double Free |
| CWE-416 | Use After Free |
| CWE-787 | Out of Buffer Bounds Write |
C/C++ medium-severity vulnerability types
| CWE | Vulnerability Type |
|---|---|
| CWE-90 | LDAP Injection |
| CWE-125 | Out of Buffer Bounds Read |
| CWE-191 | Integer Underflow |
| CWE-244 | Heap Inspection |
| CWE-367 | Time of Check Time of Use |
| CWE-676 | Miscellaneous Dangerous Functions |
C/C++ low-severity vulnerability types
| CWE | Vulnerability Type |
|---|---|
| CWE-114 | Arbitrary Library Injection |
| CWE-242 | Use of Inherently Dangerous Function |
| CWE-369 | Divide By Zero |
| CWE-789 | Uncontrolled Memory Allocation |