The software performs a calculation that can produce an integer
overflow or wraparound, when the logic assumes that the resulting value will
always be larger than the original value. This can introduce other weaknesses
when the calculation is used for resource management or execution
The software uses external input to construct a pathname that
is intended to identify a file or directory that is located underneath a
restricted parent directory, but the software does not properly neutralize
special elements within the pathname that can cause the pathname to resolve to a
location that is outside of the restricted directory.
The software constructs all or part of a code segment using
externally-influenced input from an upstream component, but it does not
neutralize or incorrectly neutralizes special elements that could modify the
syntax or behavior of the intended code segment.