CWE-1177: Use of Prohibited Code
CWE version: 4.18
Updated: 2025-09-09
Weakness description
The product uses a function, library, or third party component that has been explicitly prohibited, whether by the developer or the customer.
Common consequences
Scope: Other
Technical impact: Reduce Maintainability
Observed examples
Reference: CVE-2007-1470
Library has multiple buffer overflows using sprintf() and strcpy()
Reference: CVE-2007-4004
FTP client uses inherently insecure gets() function and is setuid root on some systems, allowing buffer overflow
Modes of introduction
| Phase | Note |
|---|---|
| Implementation | - |