CWE coverage for Rust¶
An overview of CWE coverage for Rust in the latest release of CodeQL.
Overview¶
| CWE | Language | Query id | Query name |
|---|---|---|---|
| CWE-20 | Rust | rust/regex-injection | Regular expression injection |
| CWE-20 | Rust | rust/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-22 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-23 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-36 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-73 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-74 | Rust | rust/regex-injection | Regular expression injection |
| CWE-74 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-74 | Rust | rust/sql-injection | Database query built from user-controlled sources |
| CWE-89 | Rust | rust/sql-injection | Database query built from user-controlled sources |
| CWE-99 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-118 | Rust | rust/access-after-lifetime-ended | Access of a pointer after its lifetime has ended |
| CWE-118 | Rust | rust/access-invalid-pointer | Access of invalid pointer |
| CWE-119 | Rust | rust/access-after-lifetime-ended | Access of a pointer after its lifetime has ended |
| CWE-119 | Rust | rust/access-invalid-pointer | Access of invalid pointer |
| CWE-200 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-311 | Rust | rust/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-311 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-312 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-319 | Rust | rust/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-326 | Rust | rust/weak-sensitive-data-hashing | Use of a broken or weak cryptographic hashing algorithm on sensitive data |
| CWE-327 | Rust | rust/weak-cryptographic-algorithm | Use of a broken or weak cryptographic algorithm |
| CWE-327 | Rust | rust/weak-sensitive-data-hashing | Use of a broken or weak cryptographic hashing algorithm on sensitive data |
| CWE-328 | Rust | rust/weak-sensitive-data-hashing | Use of a broken or weak cryptographic hashing algorithm on sensitive data |
| CWE-359 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-398 | Rust | rust/access-invalid-pointer | Access of invalid pointer |
| CWE-400 | Rust | rust/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-476 | Rust | rust/access-invalid-pointer | Access of invalid pointer |
| CWE-532 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-538 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-552 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-610 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-642 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-664 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-664 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-664 | Rust | rust/ctor-initialization | Bad 'ctor' initialization |
| CWE-664 | Rust | rust/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-664 | Rust | rust/access-after-lifetime-ended | Access of a pointer after its lifetime has ended |
| CWE-664 | Rust | rust/access-invalid-pointer | Access of invalid pointer |
| CWE-665 | Rust | rust/ctor-initialization | Bad 'ctor' initialization |
| CWE-665 | Rust | rust/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-666 | Rust | rust/access-after-lifetime-ended | Access of a pointer after its lifetime has ended |
| CWE-666 | Rust | rust/access-invalid-pointer | Access of invalid pointer |
| CWE-668 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-668 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-672 | Rust | rust/access-after-lifetime-ended | Access of a pointer after its lifetime has ended |
| CWE-672 | Rust | rust/access-invalid-pointer | Access of invalid pointer |
| CWE-691 | Rust | rust/ctor-initialization | Bad 'ctor' initialization |
| CWE-693 | Rust | rust/regex-injection | Regular expression injection |
| CWE-693 | Rust | rust/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-693 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-693 | Rust | rust/weak-cryptographic-algorithm | Use of a broken or weak cryptographic algorithm |
| CWE-693 | Rust | rust/weak-sensitive-data-hashing | Use of a broken or weak cryptographic hashing algorithm on sensitive data |
| CWE-693 | Rust | rust/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-696 | Rust | rust/ctor-initialization | Bad 'ctor' initialization |
| CWE-706 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-707 | Rust | rust/regex-injection | Regular expression injection |
| CWE-707 | Rust | rust/path-injection | Uncontrolled data used in path expression |
| CWE-707 | Rust | rust/sql-injection | Database query built from user-controlled sources |
| CWE-710 | Rust | rust/access-invalid-pointer | Access of invalid pointer |
| CWE-770 | Rust | rust/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-789 | Rust | rust/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-825 | Rust | rust/access-after-lifetime-ended | Access of a pointer after its lifetime has ended |
| CWE-825 | Rust | rust/access-invalid-pointer | Access of invalid pointer |
| CWE-916 | Rust | rust/weak-sensitive-data-hashing | Use of a broken or weak cryptographic hashing algorithm on sensitive data |
| CWE-922 | Rust | rust/cleartext-logging | Cleartext logging of sensitive information |
| CWE-943 | Rust | rust/sql-injection | Database query built from user-controlled sources |