CWE-431: Missing Handler

Base Draft Simple

CWE版本: 4.18

更新日期: 2025-09-09

弱点描述

A handler is not available or implemented.

扩展描述

When an exception is thrown and not caught, the process has given up an opportunity to decide if a given failure or event is worth a change in execution.

常见后果

影响范围: Other

技术影响: Varies by Context

潜在缓解措施

阶段: Implementation

描述: Handle all possible situations (e.g. error condition).

阶段: Implementation

描述: If an operation can throw an Exception, implement a handler for that specific exception.

观察示例

参考: CVE-2022-25302

SDK for OPC Unified Architecture (OPC UA) is missing a handler for when a cast fails, allowing for a crash

引入模式

阶段 说明
Implementation -

适用平台

编程语言
Not Language-Specific (Undetermined)

分类映射

分类名称 条目ID 条目名称 映射适配度
PLOVER - Missing Handler -
Software Fault Patterns SFP4 Unchecked Status Condition -
关键信息

CWE ID: CWE-431

抽象级别: Base

结构: Simple

状态: Draft

相关弱点
ChildOf CWE-691

Insufficient Control Flow Management

Pillar
CanPrecede CWE-433

Unparsed Raw Web Content Delivery

Variant
返回列表