CWE-1116 – Inaccurate Source Code Comments | Common Weakness Enumeration（CWE）

概要

CWE-1116（Inaccurate Source Code Comments）は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。

The source code contains comments that do not accurately describe or explain aspects of the portion of the code with which the comment is associated.

種別	名称	クラス	普遍性	OS / CPE
language	—	Not Language-Specific	Undetermined	—

これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。

CVE	公開	概要
CVE-2025-47271	2025-05-12	The OZI action is a GitHub Action that publishes releases to PyPI and mirror releases, signature bundles, and provenance in a tagged release. In versions 1.13.2 through 1.13.5, potentially untrusted d…
CVE-2025-1219	2025-03-30	In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-t…
CVE-2022-30351	2023-03-30	PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information i…
CVE-2022-48339	2023-02-20	An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external …

日付	名称	バージョン	重要度	コメント
2020-02-24	CWE Content Team	4.0	—	updated Relationships
2022-10-13	CWE Content Team	4.9	—	updated Applicable_Platforms, Demonstrative_Examples, Potential_Mitigations
2023-01-31	CWE Content Team	4.10	—	updated Description
2023-04-27	CWE Content Team	4.11	—	updated Relationships
2023-06-29	CWE Content Team	4.12	—	updated Mapping_Notes
2025-12-11	CWE Content Team	4.19	—	updated Common_Consequences, Description, Name, Time_of_Introduction

タイプ	名称	日付	コメント
Content	Drew Buttner	2022-08-15	Suggested new demonstrative examples, mitigations, and applicable platforms.