Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-710 (编程规范违背) — Vulnerability Class 6

6 vulnerabilities classified as CWE-710 (编程规范违背). AI Chinese analysis included.

CWE-710 represents a structural weakness where software fails to adhere to established coding standards, creating an environment ripe for latent vulnerabilities. This deviation from best practices does not directly exploit a system but rather increases the severity and likelihood of other flaws by introducing inconsistent logic, poor error handling, or unsafe memory management patterns. Attackers typically exploit this indirectly by targeting the resulting inconsistencies, such as using malformed inputs to trigger undefined behavior in non-standardized code paths. To mitigate this risk, developers must enforce rigorous static analysis tools and automated linting within their continuous integration pipelines. Regular code reviews against recognized frameworks like OWASP or MISRA further ensure compliance, while comprehensive developer training reinforces the critical importance of standardized practices in maintaining long-term code integrity and security posture.

MITRE CWE Description
The product does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.
Common Consequences (1)
OtherOther
Mitigations (2)
PolicySelect and require coding standards. Ensure that they include security concerns.
ImplementationClosely follow coding standards, possibly enforcing them upon checkin of the code into a source control system or with periodic analyses.
CVE IDTitleCVSSSeverityPublished
CVE-2025-0007 AMD Xilinx Run Time 安全漏洞 — Xilinx Run Time (XRT) 5.7 Medium2025-11-24
CVE-2023-30961 Palantir Gotham UI bug that could lead to incorrect data classification — com.palantir.acme:gotham-fe-bundle 6.5 Medium2023-09-26
CVE-2021-27501 Philips Vue PACS Improper Adherence to Coding Standards — Vue PACS 7.5 High2022-04-01
CVE-2021-33528 WEIDMUELLER: WLAN devices affected by privilege escalation vulnerability — IE-WL(T)-BL-AP-CL-XX 8.8 High2021-06-25
CVE-2020-1613 Junos OS: BGP session termination upon receipt of specific BGP FlowSpec advertisement. — Junos OS 8.6 High2020-04-08
CVE-2020-1603 Junos OS: Improper handling of specific IPv6 packets sent by clients eventually kernel crash (vmcore) the device. — Junos OS 8.6 High2020-01-15

Vulnerabilities classified as CWE-710 (编程规范违背) represent 6 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.