New CWE for DNS domain normalization/canonicalization with trailing dot

So we have:

which are both, broadly speaking, catch-all buckets too broad to be of much

I would like to propose a CWE for "Failure to properly handle DNS names
with or without a trailing dot", e.g.:

and Sweden accidentally broke DNS for .se back in 2009 with a dot:

And various projects having issues with this spanning many years:

Kurt Seifried (He/Him)

Reply via email to