CWE-1027 (OWASP Top Ten 2017 Category A1 - Injection) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.
Weaknesses in this category are related to the A1 category in the OWASP Top Ten 2017.
These CVEs are mapped to this weakness in this database and kept for traceability and search.
| CVE | Published | Summary |
|---|---|---|
| CVE-2025-59874 | 2026-06-04 | HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vu… |
| CVE-2021-27021 | 2021-07-20 | A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query. |
| Date | Name | Version | Importance | Comment |
|---|---|---|---|---|
| 2014-06-23 | CWE Content Team | 2.7 | — | updated Relationships |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated References |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Mapping_Notes |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2025-09-09 | CWE Content Team | 4.18 | — | updated References |