Common Weakness Enumeration

CWE-391

Prohibited

Unchecked Error Condition

Abstraction: Base · Status: Incomplete

[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.

47 vulnerabilities reference this CWE, most recent first.

CVE-2025-71325 (GCVE-0-2025-71325)

Vulnerability from cvelistv5 – Published: 2026-06-17 15:05 – Updated: 2026-06-17 17:28
VLAI
Title
picklescan - Detection Bypass via STACK_GLOBAL Opcode Parsing Logic Flaw
Summary
picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOBAL opcodes, failing to track arguments in the correct range and allowing malicious pickle files to bypass detection. Attackers can craft pickle files with arguments at position zero to trigger unexpected exceptions and evade security scanning.
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-391 - Unchecked Error Condition
Assigner
Impacted products
Vendor Product Version
picklescan picklescan Affected: 0 , < 0.0.27 (semver)
Unaffected: 0.0.27 (semver)
Create a notification for this product.
Date Public
2025-08-10 00:00
Credits
Lyutoon
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-71325",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-17T17:27:40.928251Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-17T17:28:10.471Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9gvj-pp9x-gcfr"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageURL": "pkg:pypi/picklescan",
          "product": "picklescan",
          "vendor": "picklescan",
          "versions": [
            {
              "lessThan": "0.0.27",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "0.0.27",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:mmaitre314:picklescan:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "0.0.27",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Lyutoon"
        }
      ],
      "datePublic": "2025-08-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOBAL opcodes, failing to track arguments in the correct range and allowing malicious pickle files to bypass detection. Attackers can craft pickle files with arguments at position zero to trigger unexpected exceptions and evade security scanning."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS"
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "Unchecked Error Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-17T15:05:00.840Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "GHSA Advisory GHSA-9gvj-pp9x-gcfr",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9gvj-pp9x-gcfr"
        },
        {
          "name": "https://github.com/mmaitre314/picklescan/commit/2a8383cfeb4158567f9770d86597300c9e508d0f",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/mmaitre314/picklescan/commit/2a8383cfeb4158567f9770d86597300c9e508d0f"
        },
        {
          "name": "VulnCheck Advisory: picklescan - Detection Bypass via STACK_GLOBAL Opcode Parsing Logic Flaw",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/picklescan-detection-bypass-via-stack-global-opcode-parsing-logic-flaw"
        }
      ],
      "title": "picklescan - Detection Bypass via STACK_GLOBAL Opcode Parsing Logic Flaw",
      "x_generator": {
        "engine": "vulncheck-endgame"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2025-71325",
    "datePublished": "2026-06-17T15:05:00.840Z",
    "dateReserved": "2026-06-08T20:44:31.209Z",
    "dateUpdated": "2026-06-17T17:28:10.471Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-52316 (GCVE-0-2024-52316)

Vulnerability from cvelistv5 – Published: 2024-11-18 11:32 – Updated: 2025-11-04 15:59
VLAI
Title
Apache Tomcat: Authentication bypass when using Jakarta Authentication API
Summary
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta Authentication components that behave in this way. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-391 - Unchecked Error Condition
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Tomcat Affected: 11.0.0-M1 , ≤ 11.0.0-M26 (semver)
Affected: 10.1.0-M1 , ≤ 10.1.30 (semver)
Affected: 9.0.0-M1 , ≤ 9.0.95 (semver)
Affected: 8.5.0 , ≤ 8.5.100 (semver)
Unknown: 10.0.0-M1 , ≤ 10.0.27 (semver)
Create a notification for this product.
apache tomcat Affected: 9.0.0-M1 , ≤ 9.0.95 (semver)
Affected: 10.1.0-M1 , ≤ 10.1.30 (semver)
Affected: 11.0.0-M1 , ≤ 11.0.0-M26 (semver)
    cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tomcat",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "9.0.95",
                "status": "affected",
                "version": "9.0.0-M1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "10.1.30",
                "status": "affected",
                "version": "10.1.0-M1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "11.0.0-M26",
                "status": "affected",
                "version": "11.0.0-M1",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52316",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-18T14:50:59.890424Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-04T15:59:51.152Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:45:28.908Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/11/18/2"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250124-0003/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.0-M26",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.30",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.95",
              "status": "affected",
              "version": "9.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.100",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.27",
              "status": "unknown",
              "version": "10.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUnchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC)\u0026nbsp;ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta\u0026nbsp;Authentication components that behave in this way.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\u003c/p\u003e\u003cp\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100.\u0026nbsp;Other EOL versions may also be affected.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue.\u003c/p\u003e"
            }
          ],
          "value": "Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC)\u00a0ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta\u00a0Authentication components that behave in this way.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100.\u00a0Other EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391 Unchecked Error Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T11:51:23.610Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/lopzlqh91jj9n334g02om08sbysdb928"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Apache Tomcat: Authentication bypass when using Jakarta Authentication API",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-52316",
    "datePublished": "2024-11-18T11:32:22.072Z",
    "dateReserved": "2024-11-07T07:41:56.639Z",
    "dateUpdated": "2025-11-04T15:59:51.152Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-23326 (GCVE-0-2024-23326)

Vulnerability from cvelistv5 – Published: 2024-06-04 20:05 – Updated: 2024-08-01 22:59
VLAI
Title
Envoy incorrectly accepts HTTP 200 response for entering upgrade mode
Summary
Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a server can be tricked into adding an upgrade header into a response. Per RFC https://www.rfc-editor.org/rfc/rfc7230#section-6.7 a server sends 101 when switching protocols. Envoy incorrectly accepts a 200 response from a server when requesting a protocol upgrade, but 200 does not indicate protocol switch. This opens up the possibility of request smuggling through Envoy if the server can be tricked into adding the upgrade header to the response.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-391 - Unchecked Error Condition
Assigner
References
Impacted products
Vendor Product Version
envoyproxy envoy Affected: >= 1.13.0, <= 1.30.1
Affected: >= 1.29.0, <= 1.29.4
Affected: >= 1.28.0, <= 1.28.3
Affected: <= 1.27.5
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23326",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-19T12:32:08.718611Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-23T15:53:07.177Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:59:32.189Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "envoy",
          "vendor": "envoyproxy",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.13.0, \u003c= 1.30.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.29.0, \u003c= 1.29.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.28.0, \u003c= 1.28.3"
            },
            {
              "status": "affected",
              "version": "\u003c= 1.27.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a server can be tricked into adding an upgrade header into a response. Per RFC https://www.rfc-editor.org/rfc/rfc7230#section-6.7 a server sends 101 when switching protocols. Envoy incorrectly accepts a 200 response from a server when requesting a protocol upgrade, but 200 does not indicate protocol switch. This opens up the possibility of request smuggling through Envoy if the server can be tricked into adding the upgrade header to the response.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391: Unchecked Error Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-04T20:05:48.230Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c"
        }
      ],
      "source": {
        "advisory": "GHSA-vcf8-7238-v74c",
        "discovery": "UNKNOWN"
      },
      "title": "Envoy incorrectly accepts HTTP 200 response for entering upgrade mode"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-23326",
    "datePublished": "2024-06-04T20:05:48.230Z",
    "dateReserved": "2024-01-15T15:19:19.441Z",
    "dateUpdated": "2024-08-01T22:59:32.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-32871 (GCVE-0-2023-32871)

Vulnerability from cvelistv5 – Published: 2024-05-06 02:51 – Updated: 2025-03-17 17:02
VLAI
Summary
In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-391 - Unchecked Error Condition
Assigner
Impacted products
Vendor Product Version
MediaTek, Inc. MT2737, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8755, MT8765, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798 Affected: Android 11.0, 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3, 4.0 / RDK-B 22Q3
Create a notification for this product.
mediatek mt6739 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6761 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6768 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6771 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6779 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6781 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6789 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6833 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6853 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6853t Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6855 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6873 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6879 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6880 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6883 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6885 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6889 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6890 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6893 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6895 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6980 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6983 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6985 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6990 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8167 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8167s Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8168 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8175 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8185 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8188 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8195 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8362a Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8365 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8385 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8390 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8395 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8755 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8765 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8766 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8768 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8775 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8781 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8786 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8788 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8789 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8791 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8791t Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8797 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt2737 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6765 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6785 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6835 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6877 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6886 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6897 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt6989 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8173 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8321 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*
Create a notification for this product.
mediatek mt8798 Affected: android_11.0 , ≤ android_14.0 (custom)
    cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6739",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6761",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6768",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6771",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6779",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6781",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6789",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6833",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6853",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6853t",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6855",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6873",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6879",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6880",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6883",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6885",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6889",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6890",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6893",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6895",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6980",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6983",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6985",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6990",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8167",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8167s",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8168",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8175",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8185",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8188",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8195",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8362a",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8365",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8385",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8390",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8395",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8755",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8765",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8766",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8768",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8775",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8781",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8786",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8788",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8789",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8791",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8791t",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8797",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt2737",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6765",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6785",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6835",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6877",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6886",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6897",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt6989",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8173",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8321",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "mt8798",
            "vendor": "mediatek",
            "versions": [
              {
                "lessThanOrEqual": "android_14.0",
                "status": "affected",
                "version": "android_11.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-32871",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-07T04:00:28.814395Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-17T17:02:28.221Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:32:46.185Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://corp.mediatek.com/product-security-bulletin/May-2024"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT2737, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8755, MT8765, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Android 11.0, 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3, 4.0 / RDK-B 22Q3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391 Unchecked Error Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-06T02:51:52.075Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/May-2024"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2023-32871",
    "datePublished": "2024-05-06T02:51:52.075Z",
    "dateReserved": "2023-05-16T03:04:32.164Z",
    "dateUpdated": "2025-03-17T17:02:28.221Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-0572 (GCVE-0-2023-0572)

Vulnerability from cvelistv5 – Published: 2023-01-29 00:00 – Updated: 2025-03-28 15:42
VLAI
Title
Unchecked Error Condition in froxlor/froxlor
Summary
Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-391 - Unchecked Error Condition
Assigner
Impacted products
Vendor Product Version
froxlor froxlor/froxlor Affected: unspecified , < 2.0.10 (custom)
Create a notification for this product.
Credits
Ahmed Hassan (ahmedvienna) Josef Hassan (josefjku)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:17:49.994Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/4ab24ee2-3ff6-4248-9555-0af3e5f754ec"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/froxlor/froxlor/commit/7b08a71c59430d06c1efb012a6c6448262aacdb1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-0572",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-28T15:42:38.029869Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-28T15:42:50.200Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "froxlor/froxlor",
          "vendor": "froxlor",
          "versions": [
            {
              "lessThan": "2.0.10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Ahmed Hassan (ahmedvienna)"
        },
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Josef Hassan (josefjku)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUnchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.\u003c/p\u003e"
            }
          ],
          "value": "Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391 Unchecked Error Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-18T10:10:34.390Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntr_ai"
      },
      "references": [
        {
          "url": "https://huntr.dev/bounties/4ab24ee2-3ff6-4248-9555-0af3e5f754ec"
        },
        {
          "url": "https://github.com/froxlor/froxlor/commit/7b08a71c59430d06c1efb012a6c6448262aacdb1"
        }
      ],
      "source": {
        "advisory": "4ab24ee2-3ff6-4248-9555-0af3e5f754ec",
        "discovery": "EXTERNAL"
      },
      "title": "Unchecked Error Condition in froxlor/froxlor",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2023-0572",
    "datePublished": "2023-01-29T00:00:00.000Z",
    "dateReserved": "2023-01-29T00:00:00.000Z",
    "dateUpdated": "2025-03-28T15:42:50.200Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-22160 (GCVE-0-2022-22160)

Vulnerability from cvelistv5 – Published: 2022-01-19 00:21 – Updated: 2024-09-17 03:59
VLAI
Title
Junos OS: MX Series: The bbe-smgd process crashes if an unsupported configuration exists and a PPPoE client sends a specific message
Summary
An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial of Service (DoS). In a subscriber management / broadband edge environment if a single session group configuration contains dual-stack and a pp0 interface, smgd will crash and restart every time a PPPoE client sends a specific message. This issue affects Juniper Networks Junos OS on MX Series: 16.1 version 16.1R1 and later versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1.
CWE
  • CWE-391 - Unchecked Error Condition
  • Denial of Service (DoS)
Assigner
References
URL Tags
https://kb.juniper.net/JSA11268 x_refsource_CONFIRM
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: unspecified , < 18.4R3-S10 (custom)
Unaffected: unspecified , < 16.1R1 (custom)
Affected: 16.1R1 , < 16.1* (custom)
Affected: 19.1 , < 19.1R2-S3, 19.1R3-S7 (custom)
Affected: 19.2 , < 19.2R1-S8, 19.2R3-S4 (custom)
Affected: 19.3 , < 19.3R3-S4 (custom)
Affected: 19.4 , < 19.4R3-S5 (custom)
Affected: 20.1 , < 20.1R3-S3 (custom)
Affected: 20.2 , < 20.2R3-S3 (custom)
Affected: 20.3 , < 20.3R3-S2 (custom)
Affected: 20.4 , < 20.4R3 (custom)
Affected: 21.1 , < 21.1R3 (custom)
Affected: 21.2 , < 21.2R2 (custom)
Create a notification for this product.
Date Public
2022-01-12 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:07:49.294Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA11268"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "MX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "18.4R3-S10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "16.1R1",
              "status": "unaffected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "16.1*",
              "status": "affected",
              "version": "16.1R1",
              "versionType": "custom"
            },
            {
              "lessThan": "19.1R2-S3, 19.1R3-S7",
              "status": "affected",
              "version": "19.1",
              "versionType": "custom"
            },
            {
              "lessThan": "19.2R1-S8, 19.2R3-S4",
              "status": "affected",
              "version": "19.2",
              "versionType": "custom"
            },
            {
              "lessThan": "19.3R3-S4",
              "status": "affected",
              "version": "19.3",
              "versionType": "custom"
            },
            {
              "lessThan": "19.4R3-S5",
              "status": "affected",
              "version": "19.4",
              "versionType": "custom"
            },
            {
              "lessThan": "20.1R3-S3",
              "status": "affected",
              "version": "20.1",
              "versionType": "custom"
            },
            {
              "lessThan": "20.2R3-S3",
              "status": "affected",
              "version": "20.2",
              "versionType": "custom"
            },
            {
              "lessThan": "20.3R3-S2",
              "status": "affected",
              "version": "20.3",
              "versionType": "custom"
            },
            {
              "lessThan": "20.4R3",
              "status": "affected",
              "version": "20.4",
              "versionType": "custom"
            },
            {
              "lessThan": "21.1R3",
              "status": "affected",
              "version": "21.1",
              "versionType": "custom"
            },
            {
              "lessThan": "21.2R2",
              "status": "affected",
              "version": "21.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "The following is an example of an affected configuration:\n\n  user@device# show system services dhcp-local-server dhcpv6                                                   \n  ...\n  group \u003cgroup-name1\u003e {\n      overrides {\n  ...\n          dual-stack \u003cdual-stack-group-name\u003e;\n      }\n  ...\n      interface pp0.0;\n  ...\n  }"
        }
      ],
      "datePublic": "2022-01-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial of Service (DoS). In a subscriber management / broadband edge environment if a single session group configuration contains dual-stack and a pp0 interface, smgd will crash and restart every time a PPPoE client sends a specific message. This issue affects Juniper Networks Junos OS on MX Series: 16.1 version 16.1R1 and later versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391 Unchecked Error Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-19T00:21:03.000Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA11268"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 18.4R3-S10, 19.1R2-S3, 19.1R3-S7, 19.2R1-S8, 19.2R3-S4, 19.3R3-S4, 19.4R3-S5, 20.1R3-S3, 20.2R3-S3, 20.3R3-S2, 20.4R3, 21.1R3, 21.2R2, 21.3R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA11268",
        "defect": [
          "1580528"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: MX Series: The bbe-smgd process crashes if an unsupported configuration exists and a PPPoE client sends a specific message",
      "workarounds": [
        {
          "lang": "en",
          "value": "Remove the pp0 interface from a DHCPv6 dual-stack group and move to its own group with no dual-stack enabled.\n\n  user@device# show system services dhcp-local-server dhcpv6                                                   \n  ...\n  group \u003cgroup-name1\u003e {\n      overrides {\n  ...\n          dual-stack \u003cdual-stack-group-name\u003e;\n      }\n  ...\n      interface pp0.0; \u003c\u003c\u003c\u003c\u003c delete and add to new group\n  ...\n  }\n\n  group \u003cgroup-name2\u003e { \u003c\u003c\u003c\u003c\u003c new group for PP0 interfaces to be handled separately.\n  ...\n      interface pp0.0; \u003c\u003c\u003c\u003c\u003c\n  ...\n  }"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2022-01-12T17:00:00.000Z",
          "ID": "CVE-2022-22160",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: MX Series: The bbe-smgd process crashes if an unsupported configuration exists and a PPPoE client sends a specific message"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003e=",
                            "version_name": "16.1",
                            "version_value": "16.1R1"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_value": "18.4R3-S10"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "19.1",
                            "version_value": "19.1R2-S3, 19.1R3-S7"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "19.2",
                            "version_value": "19.2R1-S8, 19.2R3-S4"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "19.3",
                            "version_value": "19.3R3-S4"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "19.4",
                            "version_value": "19.4R3-S5"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "20.1",
                            "version_value": "20.1R3-S3"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "20.2",
                            "version_value": "20.2R3-S3"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "20.3",
                            "version_value": "20.3R3-S2"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "20.4",
                            "version_value": "20.4R3"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "21.1",
                            "version_value": "21.1R3"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "\u003c",
                            "version_name": "21.2",
                            "version_value": "21.2R2"
                          },
                          {
                            "platform": "MX Series",
                            "version_affected": "!\u003c",
                            "version_value": "16.1R1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "The following is an example of an affected configuration:\n\n  user@device# show system services dhcp-local-server dhcpv6                                                   \n  ...\n  group \u003cgroup-name1\u003e {\n      overrides {\n  ...\n          dual-stack \u003cdual-stack-group-name\u003e;\n      }\n  ...\n      interface pp0.0;\n  ...\n  }"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial of Service (DoS). In a subscriber management / broadband edge environment if a single session group configuration contains dual-stack and a pp0 interface, smgd will crash and restart every time a PPPoE client sends a specific message. This issue affects Juniper Networks Junos OS on MX Series: 16.1 version 16.1R1 and later versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-391 Unchecked Error Condition"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service (DoS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11268",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA11268"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 18.4R3-S10, 19.1R2-S3, 19.1R3-S7, 19.2R1-S8, 19.2R3-S4, 19.3R3-S4, 19.4R3-S5, 20.1R3-S3, 20.2R3-S3, 20.3R3-S2, 20.4R3, 21.1R3, 21.2R2, 21.3R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA11268",
          "defect": [
            "1580528"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Remove the pp0 interface from a DHCPv6 dual-stack group and move to its own group with no dual-stack enabled.\n\n  user@device# show system services dhcp-local-server dhcpv6                                                   \n  ...\n  group \u003cgroup-name1\u003e {\n      overrides {\n  ...\n          dual-stack \u003cdual-stack-group-name\u003e;\n      }\n  ...\n      interface pp0.0; \u003c\u003c\u003c\u003c\u003c delete and add to new group\n  ...\n  }\n\n  group \u003cgroup-name2\u003e { \u003c\u003c\u003c\u003c\u003c new group for PP0 interfaces to be handled separately.\n  ...\n      interface pp0.0; \u003c\u003c\u003c\u003c\u003c\n  ...\n  }"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2022-22160",
    "datePublished": "2022-01-19T00:21:04.016Z",
    "dateReserved": "2021-12-21T00:00:00.000Z",
    "dateUpdated": "2024-09-17T03:59:29.486Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20849 (GCVE-0-2022-20849)

Vulnerability from cvelistv5 – Published: 2024-11-15 15:31 – Updated: 2024-11-15 15:46
VLAI
Title
Cisco IOS XR Software Broadband Network Gateway PPPoE Denial of Service Vulnerability
Summary
A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco&nbsp;IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash. This vulnerability exists because the PPPoE feature does not properly handle an error condition within a specific crafted packet sequence. An attacker could exploit this vulnerability by sending a sequence of specific PPPoE packets from controlled customer premises equipment (CPE). A successful exploit could allow the attacker to cause the PPPoE process to continually restart, resulting in a denial of service condition (DoS).Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco&nbsp;IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see .
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-391 - Unchecked Error Condition
Assigner
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Affected: 6.5.3
Affected: 6.6.1
Affected: 6.5.15
Affected: 7.0.1
Affected: 6.6.25
Affected: 6.6.2
Affected: 6.5.1
Affected: 6.5.2
Affected: 7.1.1
Affected: 7.0.90
Affected: 6.6.3
Affected: 6.7.1
Affected: 7.0.2
Affected: 7.1.15
Affected: 7.1.2
Affected: 7.2.1
Affected: 6.7.2
Affected: 7.1.25
Affected: 6.6.4
Affected: 7.3.1
Affected: 7.1.3
Affected: 6.7.3
Affected: 7.4.1
Affected: 7.2.2
Affected: 6.8.1
Affected: 7.3.2
Affected: 7.5.1
Affected: 7.3.3
Affected: 6.8.2
Affected: 7.3.4
Affected: 7.4.2
Affected: 6.7.35
Affected: 6.9.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20849",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T15:46:04.754318Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T15:46:25.684Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.5.3"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.5.15"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.25"
            },
            {
              "status": "affected",
              "version": "6.6.2"
            },
            {
              "status": "affected",
              "version": "6.5.1"
            },
            {
              "status": "affected",
              "version": "6.5.2"
            },
            {
              "status": "affected",
              "version": "7.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.90"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.7.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.15"
            },
            {
              "status": "affected",
              "version": "7.1.2"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "6.7.2"
            },
            {
              "status": "affected",
              "version": "7.1.25"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.1.3"
            },
            {
              "status": "affected",
              "version": "6.7.3"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "6.8.1"
            },
            {
              "status": "affected",
              "version": "7.3.2"
            },
            {
              "status": "affected",
              "version": "7.5.1"
            },
            {
              "status": "affected",
              "version": "7.3.3"
            },
            {
              "status": "affected",
              "version": "6.8.2"
            },
            {
              "status": "affected",
              "version": "7.3.4"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            },
            {
              "status": "affected",
              "version": "6.7.35"
            },
            {
              "status": "affected",
              "version": "6.9.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco\u0026nbsp;IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash.\r\nThis vulnerability exists because the PPPoE feature does not properly handle an error condition within a specific crafted packet sequence. An attacker could exploit this vulnerability by sending a sequence of specific PPPoE packets from controlled customer premises equipment (CPE). A successful exploit could allow the attacker to cause the PPPoE process to continually restart, resulting in a denial of service condition (DoS).Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco\u0026nbsp;IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see ."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco\u00a0PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "Unchecked Error Condition",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-15T15:31:20.913Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-iosxr-bng-Gmg5Gxt",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bng-Gmg5Gxt"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-bng-Gmg5Gxt",
        "defects": [
          "CSCwa57311"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Cisco IOS XR Software Broadband Network Gateway PPPoE Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20849",
    "datePublished": "2024-11-15T15:31:20.913Z",
    "dateReserved": "2021-11-02T13:28:29.180Z",
    "dateUpdated": "2024-11-15T15:46:25.684Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-14383 (GCVE-0-2020-14383)

Vulnerability from cvelistv5 – Published: 2020-12-02 00:00 – Updated: 2024-08-15 15:47
VLAI
Summary
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.
Severity
No CVSS data available.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
n/a samba Affected: samba 4.11.15, samba 4.12.9, samba 4.13.1
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:46:34.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892636"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.samba.org/samba/security/CVE-2020-14383.html"
          },
          {
            "name": "GLSA-202012-24",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202012-24"
          },
          {
            "name": "[debian-lts-announce] 20240422 [SECURITY] [DLA 3792-1] samba security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-14383",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-23T15:10:17.178172Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-15T15:47:32.520Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "samba",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "samba 4.11.15, samba 4.12.9, samba 4.13.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in samba\u0027s DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-22T16:05:57.710Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892636"
        },
        {
          "url": "https://www.samba.org/samba/security/CVE-2020-14383.html"
        },
        {
          "name": "GLSA-202012-24",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202012-24"
        },
        {
          "name": "[debian-lts-announce] 20240422 [SECURITY] [DLA 3792-1] samba security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-14383",
    "datePublished": "2020-12-02T00:00:00.000Z",
    "dateReserved": "2020-06-17T00:00:00.000Z",
    "dateUpdated": "2024-08-15T15:47:32.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-14853 (GCVE-0-2019-14853)

Vulnerability from cvelistv5 – Published: 2019-11-26 12:06 – Updated: 2024-08-05 00:26
VLAI
Summary
An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.
CWE
Assigner
References
Impacted products
Vendor Product Version
[UNKNOWN] python-ecdsa Affected: 0.13.3
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:26:39.175Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14853"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3"
          },
          {
            "name": "DSA-4588",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4588"
          },
          {
            "name": "20191218 [SECURITY] [DSA 4588-1] python-ecdsa security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Dec/33"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "python-ecdsa",
          "vendor": "[UNKNOWN]",
          "versions": [
            {
              "status": "affected",
              "version": "0.13.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-18T12:06:05.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14853"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3"
        },
        {
          "name": "DSA-4588",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4588"
        },
        {
          "name": "20191218 [SECURITY] [DSA 4588-1] python-ecdsa security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Dec/33"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-14853",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "python-ecdsa",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.13.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "[UNKNOWN]"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-391"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14853",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14853"
            },
            {
              "name": "https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3",
              "refsource": "MISC",
              "url": "https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3"
            },
            {
              "name": "DSA-4588",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4588"
            },
            {
              "name": "20191218 [SECURITY] [DSA 4588-1] python-ecdsa security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Dec/33"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-14853",
    "datePublished": "2019-11-26T12:06:20.000Z",
    "dateReserved": "2019-08-10T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:26:39.175Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-1091 (GCVE-0-2018-1091)

Vulnerability from cvelistv5 – Published: 2018-03-27 21:00 – Updated: 2024-08-05 03:51
VLAI
Summary
In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service.
Severity
No CVSS data available.
CWE
Assigner
Impacted products
Vendor Product Version
n/a Linux kernel v4.13 and newer Affected: Linux kernel v4.13 and newer
Date Public
2018-03-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:51:48.251Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1558149"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://marc.info/?l=linuxppc-embedded\u0026m=150535531910494\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2018-1091"
          },
          {
            "name": "RHSA-2018:1318",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1318"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1fa0768a8713b135848f78fd43ffc208d8ded70"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/c1fa0768a8713b135848f78fd43ffc208d8ded70"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2018/03/27/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux kernel v4.13 and newer",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Linux kernel v4.13 and newer"
            }
          ]
        }
      ],
      "datePublic": "2018-03-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-09T09:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1558149"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://marc.info/?l=linuxppc-embedded\u0026m=150535531910494\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/cve/cve-2018-1091"
        },
        {
          "name": "RHSA-2018:1318",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1318"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1fa0768a8713b135848f78fd43ffc208d8ded70"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/c1fa0768a8713b135848f78fd43ffc208d8ded70"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://openwall.com/lists/oss-security/2018/03/27/4"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2018-1091",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux kernel v4.13 and newer",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Linux kernel v4.13 and newer"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-391"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1558149",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1558149"
            },
            {
              "name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.5",
              "refsource": "CONFIRM",
              "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.5"
            },
            {
              "name": "https://marc.info/?l=linuxppc-embedded\u0026m=150535531910494\u0026w=2",
              "refsource": "CONFIRM",
              "url": "https://marc.info/?l=linuxppc-embedded\u0026m=150535531910494\u0026w=2"
            },
            {
              "name": "https://access.redhat.com/security/cve/cve-2018-1091",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/cve/cve-2018-1091"
            },
            {
              "name": "RHSA-2018:1318",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1318"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1fa0768a8713b135848f78fd43ffc208d8ded70",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1fa0768a8713b135848f78fd43ffc208d8ded70"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/c1fa0768a8713b135848f78fd43ffc208d8ded70",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/c1fa0768a8713b135848f78fd43ffc208d8ded70"
            },
            {
              "name": "http://openwall.com/lists/oss-security/2018/03/27/4",
              "refsource": "CONFIRM",
              "url": "http://openwall.com/lists/oss-security/2018/03/27/4"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2018-1091",
    "datePublished": "2018-03-27T21:00:00.000Z",
    "dateReserved": "2017-12-04T00:00:00.000Z",
    "dateUpdated": "2024-08-05T03:51:48.251Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Requirements

The choice between a language which has named or unnamed exceptions needs to be done. While unnamed exceptions exacerbate the chance of not properly dealing with an exception, named exceptions suffer from the up call version of the weak base class problem.

Mitigation
Requirements

A language can be used which requires, at compile time, to catch all serious exceptions. However, one must make sure to use the most current version of the API as new exceptions could be added.

Mitigation
Implementation

Catch all relevant exceptions. This is the recommended solution. Ensure that all exceptions are handled in such a way that you can be sure of the state of your system at any given moment.

No CAPEC attack patterns related to this CWE.