Common Weakness Enumeration

CWE-252

Allowed

Unchecked Return Value

Abstraction: Base · Status: Draft

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

227 vulnerabilities reference this CWE, most recent first.

GHSA-687W-XP39-Q584

Vulnerability from github – Published: 2022-05-24 16:59 – Updated: 2024-02-16 18:31
VLAI
Details

An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The result was that, instead of reporting that the supplied username or group name did not exist, it would execute the command as root.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-15900"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-18T16:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The result was that, instead of reporting that the supplied username or group name did not exist, it would execute the command as root.",
  "id": "GHSA-687w-xp39-q584",
  "modified": "2024-02-16T18:31:02Z",
  "published": "2022-05-24T16:59:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15900"
    },
    {
      "type": "WEB",
      "url": "https://github.com/slicer69/doas/commit/2f83222829448e5bc4c9391d607ec265a1e06531"
    },
    {
      "type": "WEB",
      "url": "https://github.com/slicer69/doas/compare/6.1p1...6.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6FVJ-8P6J-8WXG

Vulnerability from github – Published: 2025-10-16 15:30 – Updated: 2026-05-12 15:31
VLAI
Details

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-11839"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-16T14:15:34Z",
    "severity": "MODERATE"
  },
  "details": "A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.",
  "id": "GHSA-6fvj-8p6j-8wxg",
  "modified": "2026-05-12T15:31:12Z",
  "published": "2025-10-16T15:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11839"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/bugzilla/attachment.cgi?id=16344"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33448"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.328774"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.328774"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.661279"
    },
    {
      "type": "WEB",
      "url": "https://www.gnu.org"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6J2P-Q7P9-HMXW

Vulnerability from github – Published: 2024-11-14 12:31 – Updated: 2025-11-03 21:31
VLAI
Details

Unchecked return value can allow Apache Traffic Server to retain privileges on startup.

This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1.

Users are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50306"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-14T10:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "Unchecked return value can allow Apache Traffic Server to retain privileges on startup.\n\nThis issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1.\n\nUsers are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.",
  "id": "GHSA-6j2p-q7p9-hmxw",
  "modified": "2025-11-03T21:31:36Z",
  "published": "2024-11-14T12:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50306"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00018.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6VWC-64MX-78V2

Vulnerability from github – Published: 2025-03-05 12:31 – Updated: 2025-03-05 12:31
VLAI
Details

An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-12650"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-05T12:15:34Z",
    "severity": "MODERATE"
  },
  "details": "An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.",
  "id": "GHSA-6vwc-64mx-78v2",
  "modified": "2025-03-05T12:31:12Z",
  "published": "2025-03-05T12:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12650"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/en/advisories/VDE-2025-004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-722W-734R-QG74

Vulnerability from github – Published: 2025-03-02 03:30 – Updated: 2025-03-02 03:30
VLAI
Details

list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-25724"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-02T02:15:36Z",
    "severity": "MODERATE"
  },
  "details": "list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.",
  "id": "GHSA-722w-734r-qg74",
  "modified": "2025-03-02T03:30:31Z",
  "published": "2025-03-02T03:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25724"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Ekkosun/pocs/blob/main/bsdtarbug"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-72V7-RM66-2GR3

Vulnerability from github – Published: 2026-05-15 03:30 – Updated: 2026-05-15 03:30
VLAI
Details

An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0028"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-15T03:16:21Z",
    "severity": "HIGH"
  },
  "details": "An unchecked return value within the AMD Platform Management Framework (PMF)  could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability.",
  "id": "GHSA-72v7-rm66-2gr3",
  "modified": "2026-05-15T03:30:37Z",
  "published": "2026-05-15T03:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0028"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:H/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-76PR-H99M-Q4FJ

Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2025-05-12 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

binder: make sure fd closes complete

During BC_FREE_BUFFER processing, the BINDER_TYPE_FDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to return to userspace or the file object may never be dereferenced -- which can lead to hung processes.

Force the binder thread back to userspace if an fd is closed during BC_FREE_BUFFER handling.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47360"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T15:15:22Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: make sure fd closes complete\n\nDuring BC_FREE_BUFFER processing, the BINDER_TYPE_FDA object\ncleanup may close 1 or more fds. The close operations are\ncompleted using the task work mechanism -- which means the thread\nneeds to return to userspace or the file object may never be\ndereferenced -- which can lead to hung processes.\n\nForce the binder thread back to userspace if an fd is closed during\nBC_FREE_BUFFER handling.",
  "id": "GHSA-76pr-h99m-q4fj",
  "modified": "2025-05-12T21:30:56Z",
  "published": "2024-05-21T15:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47360"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5fdb55c1ac9585eb23bb2541d5819224429e103d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aa2c274c279ff365a06a4cba263f04965895166e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b95483d8d94b41fa31a84c1d86710b7907a37621"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d5b0473707fa53b03a5db0256ce62b2874bddbc7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-787R-J94J-7WPV

Vulnerability from github – Published: 2023-03-01 21:30 – Updated: 2025-03-20 15:30
VLAI
Details

In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-23003"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-01T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.",
  "id": "GHSA-787r-j94j-7wpv",
  "modified": "2025-03-20T15:30:25Z",
  "published": "2023-03-01T21:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23003"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/0a515a06c5ebfa46fee3ac519e418f801e718da4"
    },
    {
      "type": "WEB",
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230331-0003"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7C4J-2M43-2MGH

Vulnerability from github – Published: 2026-04-22 19:19 – Updated: 2026-04-27 16:22
VLAI
Summary
nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals
Details

Impact

An untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key.

Hashing an election macro header hashes validators and reaches Validators::voting_keys(), which calls validator.voting_key.uncompress().unwrap() and panics on invalid bytes.

Patches

The patch for this vulnerability is included as part of v1.3.0.

Workarounds

No known workarounds.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "nimiq-primitives"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-34065"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252",
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-22T19:19:28Z",
    "nvd_published_at": "2026-04-22T20:16:41Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nAn untrusted p2p peer can cause a node to panic by announcing an election macro block whose `validators` set contains an invalid compressed BLS voting key.\n\nHashing an election macro header hashes `validators` and reaches `Validators::voting_keys()`, which calls `validator.voting_key.uncompress().unwrap()` and panics on invalid bytes.\n\n### Patches\n[The patch for this vulnerability](https://github.com/nimiq/core-rs-albatross/commit/e10eaebcd7774e5da6d0ff5e88ed13503474f0ff) is included as part of [v1.3.0](https://github.com/nimiq/core-rs-albatross/releases/tag/v1.3.0).\n\n### Workarounds\nNo known workarounds.",
  "id": "GHSA-7c4j-2m43-2mgh",
  "modified": "2026-04-27T16:22:32Z",
  "published": "2026-04-22T19:19:28Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-7c4j-2m43-2mgh"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34065"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nimiq/core-rs-albatross/pull/3662"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nimiq/core-rs-albatross/commit/e10eaebcd7774e5da6d0ff5e88ed13503474f0ff"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nimiq/core-rs-albatross"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nimiq/core-rs-albatross/releases/tag/v1.3.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals"
}

GHSA-7HM4-28MG-FMP9

Vulnerability from github – Published: 2022-04-21 01:29 – Updated: 2022-04-21 01:29
VLAI
Details

manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-1999-0199"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-06T13:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree\u0027s root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.",
  "id": "GHSA-7hm4-28mg-fmp9",
  "modified": "2022-04-21T01:29:06Z",
  "published": "2022-04-21T01:29:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-1999-0199"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40"
    },
    {
      "type": "WEB",
      "url": "https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz"
    },
    {
      "type": "WEB",
      "url": "https://www.cee.studio/tdelete.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation MIT-53
Implementation

Check the results of all functions that return a value and verify that the value is expected.

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Implementation

Ensure that you account for all possible return values from the function.

Mitigation
Implementation

When designing a function, make sure you return a value or throw an exception in case of an error.

No CAPEC attack patterns related to this CWE.