CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
    • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
        • Lang
          • Correctness
          • Security
            • Containers
            • Crypto
            • Filesystem
            • Format-string
              • Format-string-injection
                • Format string injection
            • Ldap
            • Libraries
            • Memory
            • Misc
            • Rng
            • Sql
            • Strings
            • System-command
            • Uri
            • Use-after-free
        • Libxml2
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
      • Terraform
      • Typescript
      • Yaml
    Format-string-injection

    Format string injection

    format-string-injection

    Externally controlled data influences a format string. This can allow an attacker to leak information from memory or trigger memory corruption. Format strings should be constant strings to prevent these issues. If you need to print a user-controlled string then you can use %s.
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-134: Use of Externally-Controlled Format String

    World writable fileLdap injection dn
    twitterlinkedin
    Powered by Mintlify
    Assistant
    Responses are generated using AI and may contain mistakes.