| Class | Definition |
| DCL | Declaration (DCL) class – An object, a function, a type, or a namespace is declared or defined improperly. |
| TCM | Type Computation (TCM) class – An arithmetic expression (over numbers, strings, or pointers) is calculated improperly, or a boolean condition is evaluated improperly. |
| Operation | Definition |
| Declare | Declare operation – Specify the name and type of an object; the name, return type, and parameters of a function; or the name and type parameters of a type. |
| Calculate | Calculate operation – Find the result of a numeric, pointer, or string operation. |
| Evaluate | Evaluate operation – Find the result of a Boolean condition (incl. comparison). |
| Cause/Consequence | Definition |
| Code Bug | Code Bug type – Defect in the implementation of the operation – proper operands over an improper operation. A first cause for the chain of weaknesses underlying a software security vulnerability. Must be fixed to resolve the vulnerability. |
| Erroneous Code | Erroneous Code bug - There is a coding error in the implementation of the operation. |
| Type Error/Fault | Type Fault/Error type – The the set or range of allowed values is wrong or the operations allowed on them are wrong. |
| Wrong Type | Wrong Type fault/error – A data type range or structure is not correct. |
| Data Error/Fault | Data Fault/Error type – The object data has harmed semantics or inconsistent or wrong value. |
| Wrap Around | Wrap Around fault/error – A moved around-the-clock value over its data type upper or lower range, as it exceeds that range. (Integer Over-/Under-flow is a wrapped-around the upper/lower range integer value; may become very small/large and change to the opposite sign. |
| Wrong Argument | Wrong Argument fault/error – Inaccurate input data value, i.e., non-verified for harmed semantics. |
| Wrong Result | Wrong Result fault/error – Incorrect value – from type conversion or computation. |
| Operation Attribute | Definition |
| Operand Attribute | Definition |
-0.png)
