Juliet Java 1.0 Test suite #24

Author: NSA Center for Assured Software
Language: Java
Size: 134 MB
Sha256sum: fb195e498bd147caad3f9e929c639458074e1e3419d4625845ca4ab154c0cb7b
Number Of Test Cases: 14,184
Submission Date: 01 Dec 2010

Description

A collection of test cases in the Java language. It contains examples for 106 different CWEs. This software is not subject to copyright protection and is in the public domain. NIST assumes no responsibility whatsoever for its use by other parties, and makes no guaranties, expressed or implied, about its quality, reliability, or any other characteristic. All documents related to the Juliet Test Suite can be found at the documents page.

Documentation

Juliet v1.0 for Java cases.pdf

Displaying test cases 11401 - 11425 of 14184 in total

CWE-80

58981-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 01 Baseline
CWE-80

58982-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 02 Control flow: if(true) and if(false)
CWE-80

58983-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 03 Control flow: if(5==5) and if(5!=5)
CWE-80

58984-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 04 Control flow: if(private_final_t) and if(private_final_f)
CWE-80

58985-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 05 Control flow: if(private_t) and if(private_f)
CWE-80

58986-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 06 Control flow: if(private_final_five==5) and if(private_final_five!=5)
CWE-80

58987-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 07 Control flow: if(private_five==5) and if(private_five!=5)
CWE-80

58988-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 08 Control flow: if(private_returns_t()) and if(private_returns_f())
CWE-80

58989-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 09 Control flow: if(IO.static_final_t) and if(IO.static_final_f)
CWE-80

58990-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 10 Control flow: if(IO.static_t) and if(IO.static_f)
CWE-80

58991-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 11 Control flow: if(IO.static_returns_t()) and if(IO.static_returns_f())
CWE-80

58992-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 12 Control flow: if(IO.static_returns_t_or_f())
CWE-80

58993-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 13 Control flow: if(IO.static_final_five==5) and if(IO.static_final_five...
CWE-80

58994-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 14 Control flow: if(IO.static_five==5) and if(IO.static_five!=5)
CWE-80

58995-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 15 Control flow: switch(6)
CWE-80

58996-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 16 Control flow: while(true) and while(local_f)
CWE-80

58997-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 17 Control flow: for loops
CWE-80

58998-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 19 Control flow: Dead code after an if(true) return
CWE-80

58999-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 31 Data flow: make a copy of data within the same method
CWE-80

59000-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 41 Data flow: data passed as an argument from one method to another in t...
CWE-80

59001-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 42 Data flow: data returned from one method to another in the same class
CWE-80

59002-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 45 Data flow: data passed as a private class member variable fr...
CWE-80

59003-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 51 Data flow: data passed as an argument from one function to another in...
CWE-80

59004-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 52 Data flow: data passed as an argument from one method to ano...
CWE-80

59005-v1.0.0

Added 14 years ago

deprecated

mixed

CWE: 80 Cross Site Scripting (XSS) BadSource: PropertiesFile Read a value from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: Servlet BadSink : querystring parameter not sanitized Flow Variant: 53 Data flow: data passed as an argument from one method to ano...

Results per page