界: Code Quality

代码质量不佳会导致不可预测的行为。对于用户来说,通常表现为可用性差。对于攻击者来说,提供了以意外方式对系统施加压力的机会。

93 个项目已找到
弱点

Poor Style: Empty Synchronized Block

Abstract
若同步代码块中不包含指令,它不能起到预期的效果。
Explanation
Java 中的同步处理是一个非常棘手的问题。一个 empty synchronized block 通常只标志程序员正在处理同步问题,但还没有达到预期的结果。

示例:

synchronized(this) { }
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 1
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 5
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 585
desc.structural.java.poor_style_empty_synchronized_block

Poor Style: Identifier Contains Dollar Symbol ($)

Abstract
建议不要使用美元符号($)作为标识符。
Explanation
在 Java 语言规范的第 3.8 节中论述了美元符号,但仅将它作为用于机器产生的源代码中的标识符。

示例:

int un$afe;
References
[1] J. Gosling, B. Joy, G. Steele, G. Bracha The Java Language Specification, Second Edition Addison-Wesley
[2] Standards Mapping - CIS Azure Kubernetes Service Benchmark 1
[3] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 5
[4] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[5] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[6] Standards Mapping - Common Weakness Enumeration CWE ID 398
desc.structural.java.poor_style_identifier_contains_dollar_symbol

Poor Style: Redundant Initialization

Abstract
变量赋值后并不使用,而变成一个死存储。
Explanation
没有使用该变量的初始值。初始化之后,变量或者被重新赋值,或者转向作用域之外。

示例:以下摘录的代码为变量 r 赋值,并在没有使用所赋数值的情况下,对其加以重写。


  int r = getNum();
  r = getNewNum(buf);
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 1
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 398
[6] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3050 CAT II
[7] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3050 CAT II
[8] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3050 CAT II
[9] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3050 CAT II
[10] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3050 CAT II
[11] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3050 CAT II
[12] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3050 CAT II
desc.structural.cpp.poor_style_redundant_initialization
Abstract
变量赋值后并不使用,而变成一个死存储。
Explanation
没有使用该变量的初始值。初始化之后,变量或者被重新赋值,或者转向作用域之外。

示例:以下摘录的代码为变量 r 赋值,并在没有使用所赋数值的情况下,对其加以重写。


  int r = getNum();
  r = getNewNum(buf);
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 1
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 398
[6] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3050 CAT II
[7] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3050 CAT II
[8] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3050 CAT II
[9] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3050 CAT II
[10] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3050 CAT II
[11] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3050 CAT II
[12] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3050 CAT II
desc.structural.java.poor_style_redundant_initialization

Poor Style: Value Never Read

Abstract
变量赋值后并不使用,而变成一个死存储。
Explanation
没有使用该变量的值。赋值之后,变量或者被重新赋值,或者超出范围之外。

示例:以下摘录的代码为变量 r 赋值,并在没有使用所赋数值的情况下,对其加以重写。


  r = getName();
  r = getNewBuffer(buf);
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 1
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 563
[6] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3050 CAT II
[7] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3050 CAT II
[8] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3050 CAT II
[9] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3050 CAT II
[10] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3050 CAT II
[11] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3050 CAT II
[12] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3050 CAT II
desc.structural.cpp.poor_style_value_never_read
Abstract
变量赋值后并不使用,而变成一个死存储。
Explanation
没有使用该变量的值。赋值之后,变量或者被重新赋值,或者超出范围之外。

示例:以下摘录的代码为变量 r 赋值,并在没有使用所赋数值的情况下,对其加以重写。


  r = getName();
  r = getNewBuffer(buf);
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 1
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 563
[6] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3050 CAT II
[7] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3050 CAT II
[8] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3050 CAT II
[9] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3050 CAT II
[10] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3050 CAT II
[11] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3050 CAT II
[12] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3050 CAT II
desc.structural.java.poor_style_value_never_read

Poor Style: Variable Never Used

Abstract
从未使用过该变量。
Explanation
从未使用过该变量。有可能该变量只是一个残留的无用代码,但也可能该未使用的变量会指出一个 bug。

示例:在以下代码中,复制粘贴错误导致同一个循环迭代器 (i) 使用了两次。而变量 j 却从未使用。


  int i,j;

  for (i=0; i < outer; i++) {
    for (i=0; i < inner; i++) {
      ...
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 1
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 563
[6] Standards Mapping - Motor Industry Software Reliability Association (MISRA) C++ Guidelines 2008 Rule 0-1-3
[7] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3050 CAT II
[8] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3050 CAT II
[9] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3050 CAT II
[10] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3050 CAT II
[11] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3050 CAT II
[12] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3050 CAT II
[13] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3050 CAT II
[14] Standards Mapping - Smart Contract Weakness Classification SWC-131
desc.structural.cpp.poor_style_variable_never_used
Abstract
合约定义了一个变量,但从未使用它。
Explanation
Solidity 允许声明变量但从不使用变量,尽管大多数时候这并不直接表明存在安全漏洞,但这是一种不好的做法。由于所需的计算周期延长,因此这可能会导致噪音和不必要的 Gas 消耗。

示例 1:以下代码声明类型为 A 的变量 var1,但从不使用它。


contract Base {
    struct A { uint a; }
}

contract DerivedA is Base {
    A var1 = A(1);
    int internal j = 500;

    function call(int a) public {
        assign1(a);
    }

    function assign3(A memory x) public returns (uint) {
        return g[1] + x.a + uint(j);
    }
}
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 1
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 563
[6] Standards Mapping - Motor Industry Software Reliability Association (MISRA) C++ Guidelines 2008 Rule 0-1-3
[7] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3050 CAT II
[8] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3050 CAT II
[9] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3050 CAT II
[10] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3050 CAT II
[11] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3050 CAT II
[12] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3050 CAT II
[13] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3050 CAT II
[14] Standards Mapping - Smart Contract Weakness Classification SWC-131
desc.structural.solidity.swc131

Portability Flaw

Abstract
在多个操作系统和操作系统版本之间,执行语义不一致的函数会导致可移植性问题。
Explanation
这一类函数的行为会因操作系统而异,甚至有时还会受操作系统版本的影响。函数的实现差异主要包括:

— 参数解析方式的细微差异会导致结果不一致。

— 一些函数的实现本身就包含了很大的安全风险。

— 并非所有平台上都定义了函数。
desc.semantic.cpp.portability_flaw

Portability Flaw: File Separator

Abstract
使用硬编码文件分隔符会导致可移植性问题。
Explanation
不同的操作系统使用不同的字符作为文件分隔符。例如,Microsoft Windows 系统使用 "\",而 UNIX 系统则使用 "/"。应用程序需要在不同的平台上运行时,使用硬编码文件分隔符会导致应用程序逻辑执行错误,并有可能导致 denial of service。

例 1:以下代码使用硬编码文件分隔符来打开文件:


...
var file:File = new File(directoryName + "\\" + fileName);
...
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 4
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 474
[6] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001310
[7] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.6
[8] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.6
[9] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.6
[10] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.6
[11] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[12] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 4.2 - Critical Asset Protection
[13] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 4.2 - Critical Asset Protection
[14] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 4.2 - Critical Asset Protection
[15] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002520 CAT II
[16] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002520 CAT II
[17] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002520 CAT II
[18] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002520 CAT II
[19] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002520 CAT II
[20] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002520 CAT II
[21] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002520 CAT II
[22] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002520 CAT II
[23] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002520 CAT II
[24] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002520 CAT II
[25] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002520 CAT II
[26] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002520 CAT II
[27] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002520 CAT II
[28] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-002520 CAT II
desc.dataflow.actionscript.portability_flaw_file_separator
Abstract
使用硬编码文件分隔符会导致可移植性问题。
Explanation
不同的操作系统使用不同的字符作为文件分隔符。例如,Microsoft Windows 系统使用 "\",而 UNIX 系统则使用 "/"。应用程序需要在不同的平台上运行时,使用硬编码文件分隔符会导致应用程序逻辑执行错误,并有可能导致 denial of service。

例 1:以下代码使用硬编码文件分隔符来打开文件:


...
FileStream f = File.Create(directoryName + "\\" + fileName);
...
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 4
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 474
[6] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001310
[7] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.6
[8] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.6
[9] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.6
[10] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.6
[11] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[12] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 4.2 - Critical Asset Protection
[13] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 4.2 - Critical Asset Protection
[14] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 4.2 - Critical Asset Protection
[15] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002520 CAT II
[16] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002520 CAT II
[17] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002520 CAT II
[18] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002520 CAT II
[19] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002520 CAT II
[20] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002520 CAT II
[21] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002520 CAT II
[22] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002520 CAT II
[23] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002520 CAT II
[24] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002520 CAT II
[25] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002520 CAT II
[26] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002520 CAT II
[27] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002520 CAT II
[28] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-002520 CAT II
desc.dataflow.dotnet.portability_flaw_file_separator
Abstract
使用硬编码文件分隔符会导致可移植性问题。
Explanation
不同的操作系统使用不同的字符作为文件分隔符。例如,Microsoft Windows 系统使用“\”,而 UNIX 系统则使用“/”。应用程序需要在不同的平台上运行时,使用硬编码文件分隔符会导致应用程序逻辑执行错误,并有可能导致 denial of service。

例 1:以下代码使用硬编码文件分隔符来打开文件:


...
File file = new File(directoryName + "\\" + fileName);
...
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 4
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 474
[6] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001310
[7] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.6
[8] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.6
[9] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.6
[10] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.6
[11] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[12] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 4.2 - Critical Asset Protection
[13] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 4.2 - Critical Asset Protection
[14] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 4.2 - Critical Asset Protection
[15] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002520 CAT II
[16] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002520 CAT II
[17] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002520 CAT II
[18] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002520 CAT II
[19] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002520 CAT II
[20] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002520 CAT II
[21] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002520 CAT II
[22] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002520 CAT II
[23] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002520 CAT II
[24] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002520 CAT II
[25] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002520 CAT II
[26] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002520 CAT II
[27] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002520 CAT II
[28] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-002520 CAT II
desc.dataflow.java.portability_flaw_file_separator
Abstract
使用硬编码文件分隔符会导致可移植性问题。
Explanation
不同的操作系统使用不同的字符作为文件分隔符。例如,Microsoft Windows 系统使用 "\",而 UNIX 系统则使用 "/"。应用程序需要在不同的平台上运行时,使用硬编码文件分隔符会导致应用程序逻辑执行错误,并有可能导致 denial of service。

例 1:以下代码使用硬编码文件分隔符来打开文件:


...
os.open(directoryName + "\\" + fileName);
...
References
[1] Standards Mapping - CIS Azure Kubernetes Service Benchmark 4
[2] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 4
[3] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[4] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[5] Standards Mapping - Common Weakness Enumeration CWE ID 474
[6] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001310
[7] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.6
[8] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.6
[9] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.6
[10] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.6
[11] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[12] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 4.2 - Critical Asset Protection
[13] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 4.2 - Critical Asset Protection
[14] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 4.2 - Critical Asset Protection
[15] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002520 CAT II
[16] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002520 CAT II
[17] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002520 CAT II
[18] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002520 CAT II
[19] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002520 CAT II
[20] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002520 CAT II
[21] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002520 CAT II
[22] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002520 CAT II
[23] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002520 CAT II
[24] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002520 CAT II
[25] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002520 CAT II
[26] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002520 CAT II
[27] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002520 CAT II
[28] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-002520 CAT II
desc.dataflow.python.portability_flaw_file_separator