2021 CWE Top 25 Most Dangerous Software Errors mapped to Klocwork C# checkers

Rank and ID	Checker name
#01 - CWE-787: Out-of-bounds Write	CS.ABV.EXCEPT
#02 - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	CS.XSS.REFLECT CS.XSS.PERSIST
#03 - CWE-125: Out-of-bounds Read	CS.ABV.EXCEPT
#04 - CWE-20: Improper Input Validation	CS.SQL.INJECT.LOCAL CS.SV.TAINTED.ALLOC_SIZE CS.SV.TAINTED.CALL.GLOBAL CS.SV.TAINTED.CALL.INDEX_ACCESS CS.SV.TAINTED.CALL.LOOP_BOUND.RESOURCE CS.SV.TAINTED.CALL.LOOP_BOUND CS.SV.TAINTED.DESERIALIZATION CS.SV.TAINTED.FMTSTR CS.SV.TAINTED.GLOBAL CS.SV.TAINTED.INDEX_ACCESS CS.SV.TAINTED.INJECTION CS.SV.TAINTED.LOOP_BOUND.RESOURCE CS.SV.TAINTED.LOOP_BOUND CS.SV.TAINTED.PATH_TRAVERSAL
#05 - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')	CS.SV.TAINTED.INJECTION
#06 - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')	CS.SQL.INJECT.LOCAL
#07 - CWE-416: Use After Free	CS.LOCRET.ARG CS.LOCRET.GLOB CS.LOCRET.RET CS.UFR
#08 - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	CS.SV.TAINTED.PATH_TRAVERSAL
#09 - CWE-352: Cross-Site Request Forgery (CSRF)	CS.CSRF.ATTR.NOATTR CS.CSRF.ATTR.POST CS.CSRF.VALIDATE CS.CSRF.VSUK.CONSTASSIGN CS.CSRF.VSUK.NOASSIGN
#10 - CWE-434: Unrestricted Upload of File with Dangerous Type	Currently, there is no applicable checker for this rule.
#11 - CWE-306: Missing Authentication for Critical Function	Currently, there is no applicable checker for this rule.
#12 - CWE-190: Integer Overflow or Wraparound	CS.SV.TAINTED.BINOP CS.SV.TAINTED.CALL.BINOP
#13 - CWE-502: Deserialization of Untrusted Data	CS.SV.TAINTED.DESERIALIZATION
#14 - CWE-287: Improper Authentication	Currently, there is no applicable checker for this rule.
#15 - CWE-476: NULL Pointer Dereference	CS.NRE.CHECK.CALL.MIGHT CS.NRE.CHECK.CALL.MUST CS.NRE.CHECK.MIGHT CS.NRE.CHECK.MUST CS.NRE.CONST.CALL CS.NRE.CONST.DEREF CS.NRE.FUNC.CALL.MIGHT CS.NRE.FUNC.CALL.MUST CS.NRE.FUNC.MIGHT CS.NRE.FUNC.MUST CS.NRE.GEN.CALL.MIGHT CS.NRE.GEN.CALL.MUST CS.NRE.GEN.MIGHT CS.NRE.GEN.MUST CS.RNRE
#16 - CWE-798: Use of Hard-coded Credentials	CS.HCC.PWD CS.HCC.USER CS.HCC
#17 - CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer	CS.SV.TAINTED.CALL.INDEX_ACCESS CS.SV.TAINTED.INDEX_ACCESS
#18 - CWE-862: Missing Authorization	CS.AUTH.NOATTR
#19 - CWE-276: Incorrect Default Permissions	Currently, there is no applicable checker for this rule.
#20 - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	CS.INFORMATION_EXPOSURE.ALL CS.INFORMATION_EXPOSURE.ATTR
#21 - CWE-522: Insufficiently Protected Credentials	Currently, there is no applicable checker for this rule.
#22 - CWE-732: Incorrect Permission Assignment for Critical Resource	CS.NPS
#23 - CWE-611: Improper Restriction of XML External Entity Reference	CS.XXE.DOCUMENT CS.XXE.READER CS.XXE.TEXT_READER
#24 - CWE-918: Server-Side Request Forgery (SSRF)	Currently, there is no applicable checker for this rule.
#25 - CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')	CS.SV.TAINTED.INJECTION

Support Summary:

18 of 25 weaknesses