CWE-1027 2 CVEs MITRE definition ↗

CWE-1027: OWASP Top Ten 2017 Category A1 - Injection

Overview

CWE-1027 (OWASP Top Ten 2017 Category A1 - Injection) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.

Security impact
Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.

Description

Weaknesses in this category are related to the A1 category in the OWASP Top Ten 2017.

Related CVEs in this database

These CVEs are mapped to this weakness in this database and kept for traceability and search.

CVE Published Summary
CVE-2025-59874 2026-06-04 HCL Hive Telco Observability is affected by  a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vu…
CVE-2021-27021 2021-07-20 A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.

Content submission

Name
CWE Content Team
Organization
MITRE
Date
2018-01-22
Version
3.1

Content modifications

Date Name Version Importance Comment
2014-06-23 CWE Content Team 2.7 updated Relationships
2020-02-24 CWE Content Team 4.0 updated References
2023-04-27 CWE Content Team 4.11 updated Mapping_Notes
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-09-09 CWE Content Team 4.18 updated References
cvelogic Threat Intelligence