Changes


Security Severity Ratings/Client

403 bytes added, 18:04, 10 October 2023
Added csectype-framepoisoning, csectype-nullptr, csectype-race, csectype-sidechannel, csectype-spoof. Removed csectype-ui-redress.
|-
|csectype-dos || Used to tag client Denial of Service bugs. For web server denial of service bugs please use wsec-dos as these tend to be more severe.
|-
|csectype-framepoisoning || client security issues prevented using layout's frame poisoning, which usually lowers the severity.
|-
|csectype-intoverflow || client security issues due to integer overflow
|-
|csectype-jit || client security issues due to jit JIT miscompilation or similar|-|csectype-nullptr || client security issue arising from a null pointer being treated as a valid pointer
|-
|csectype-oom || A client crash or hang that occurs in Out Of Memory conditions
|csectype-other || client security issues that don't fit into other categories
|-
|csectype-priv-escalation || client privilege escalation security issues |-|csectype-race || client security issue arising from the interaction of multiple threads |-|csectype-sandbox-escape || A content process can cause memory corruption or arbitrary/JS code execution in any other process through malformed or tricky IPC messages or Shared Memory
|-
|csectype-ssandbox-escape sidechannel || A content process can cause memory corruption or arbitrary/JS code execution in any other process client security issue arising from information about a computation being exposed through malformed or tricky IPC messages an external measurement such as time or Shared Memorypower
|-
|csectype-sop || violations of the client Same Origin Policy (Universal-XSS bugs, for example). |-|csectype-spoof || client security issue from fooling the user into taking the wrong action by presenting incorrect UI
|-
|csectype-uaf || client security issues due to a use-after-free
|-
|csectype-ui-redress || client security issues due to UI Redress attacks, either site-on-site ("clickjacking" and friends) or manipulation of the browser UI to fool users into taking the wrong action.
|-
|csectype-undefined || Bugs--or potential bugs--due to undefined compiler behavior.
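Review bot: the csectype-ui-redress row is removed, but the added csectype-spoof row ("fooling the user into taking the wrong action by presenting incorrect UI") only covers the browser-UI half of the old definition; the site-on-site case ("clickjacking" and friends) no longer maps to any tag in this table. Either widen the csectype-spoof description to say whether site-on-site redress bugs belong there, or name the tag they should use, so bugs currently tagged csectype-ui-redress can be retagged consistently.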