To get a trial key
fill out the form below
Team License (standard version)
Enterprise License (extended version)
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
GBP
RUB
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
>
Classification of PVS-Studio warnings a…

Classification of PVS-Studio warnings according to the OWASP Application Security Verification Standard (ASVS)

The OWASP Application Security Verification Standard (ASVS) is a list of application security requirements or tests that can be used by architects, developers, testers, security professionals, tool vendors, and consumers to define, build, test and verify secure applications.

C/C++ warnings

Error CodeError DescriptionASVS Requirement
V5001It is highly probable that the semicolon ';' is missing after 'return' keyword.OWASP-11.1.1
V5002An empty exception handler. Silent suppression of exceptions can hide the presence of bugs in source code during testing.OWASP-7.4.2
V5003The object was created but it is not being used. The 'throw' keyword could be missing.OWASP-11.1.8
V5004Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type.OWASP-5.4.3
V5005A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly.OWASP-5.4.3
V5006More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits.OWASP-5.4.3
V5007Consider inspecting the loop expression. It is possible that the 'i' variable should be incremented instead of the 'n' variable.OWASP-5.4.3
V5008Classes should always be derived from std::exception (and alike) as 'public'.OWASP-7.4.2
V5009Unchecked tainted data is used in expression.OWASP-5.1.3, OWASP-5.2.2, OWASP-5.3.8, OWASP-5.4.2
V5010The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow.OWASP-5.4.3
V5011Possible overflow. Consider casting operands, not the result.OWASP-5.4.3
V5012Potentially unsafe double-checked locking.OWASP-11.1.6, OWASP-1.11.3

Java warnings

Error CodeError DescriptionASVS Requirement
V5301An exception handling block does not contain any code.OWASP-7.4.2
V5302Exception classes should be publicly accessible.OWASP-7.4.2
V5303The object was created but it is not being used. The 'throw' keyword could be missing.OWASP-11.1.8
V5304Unsafe double-checked locking.OWASP-1.11.3
V5305Storing credentials inside source code can lead to security issues.OWASP-2.10.4

C# warnings

Error CodeError DescriptionASVS Requirement
V5601Storing credentials inside source code can lead to security issues.OWASP-2.10.4
V5602The object was created but it is not being used. The 'throw' keyword could be missing.OWASP-11.1.8
V5603The original exception object was swallowed. Stack of original exception could be lost.OWASP-11.1.8
V5604Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this.OWASP-11.1.6, OWASP-1.11.3
V5605Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it.OWASP-1.11.3, OWASP-11.1.6
V5606An exception handling block does not contain any code.OWASP-7.4.2
V5607Exception classes should be publicly accessible.OWASP-7.4.2
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept