CWE-617
AllowedReachable Assertion
Abstraction: Base · Status: Draft
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
989 vulnerabilities reference this CWE, most recent first.
GHSA-4Q35-7XFH-HC3H
Vulnerability from github – Published: 2025-01-22 00:33 – Updated: 2025-01-23 18:31A reachable assertion in the decode_linked_ti_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
{
"affected": [],
"aliases": [
"CVE-2024-24420"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-21T23:15:12Z",
"severity": "HIGH"
},
"details": "A reachable assertion in the decode_linked_ti_ie function of Magma \u003c= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.",
"id": "GHSA-4q35-7xfh-hc3h",
"modified": "2025-01-23T18:31:18Z",
"published": "2025-01-22T00:33:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24420"
},
{
"type": "WEB",
"url": "https://cellularsecurity.org/ransacked"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4Q89-84PM-R2P6
Vulnerability from github – Published: 2024-10-07 03:30 – Updated: 2024-10-07 21:33In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535.
{
"affected": [],
"aliases": [
"CVE-2024-20094"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-07T03:15:02Z",
"severity": "HIGH"
},
"details": "In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535.",
"id": "GHSA-4q89-84pm-r2p6",
"modified": "2024-10-07T21:33:30Z",
"published": "2024-10-07T03:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20094"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/October-2024"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4V5P-V5H9-6XJX
Vulnerability from github – Published: 2022-02-09 23:49 – Updated: 2024-11-13 22:40Impact
An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operation are duplicated.
Patches
We have patched the issue in GitHub commit c2b31ff2d3151acb230edc3f5b1832d2c713a9e0.
The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
}
],
"aliases": [
"CVE-2022-23565"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": true,
"github_reviewed_at": "2022-02-03T20:24:46Z",
"nvd_published_at": "2022-02-04T23:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nAn attacker can trigger denial of service via assertion failure by altering a `SavedModel` on disk such that `AttrDef`s of some operation are duplicated.\n\n### Patches\nWe have patched the issue in GitHub commit [c2b31ff2d3151acb230edc3f5b1832d2c713a9e0](https://github.com/tensorflow/tensorflow/commit/c2b31ff2d3151acb230edc3f5b1832d2c713a9e0).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.",
"id": "GHSA-4v5p-v5h9-6xjx",
"modified": "2024-11-13T22:40:58Z",
"published": "2022-02-09T23:49:01Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23565"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/c2b31ff2d3151acb230edc3f5b1832d2c713a9e0"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-74.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-129.yaml"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "`CHECK`-failures in Tensorflow"
}
GHSA-4VH7-R4M9-4W3V
Vulnerability from github – Published: 2022-05-24 17:49 – Updated: 2022-05-24 17:49In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting values for the tkey-gssapi-keytab or tkey-gssapi-credential configuration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. For servers that meet these conditions, the ISC SPNEGO implementation is vulnerable to various attacks, depending on the CPU architecture for which BIND was built: For named binaries compiled for 64-bit platforms, this flaw can be used to trigger a buffer over-read, leading to a server crash. For named binaries compiled for 32-bit platforms, this flaw can be used to trigger a server crash due to a buffer overflow and possibly also to achieve remote code execution. We have determined that standard SPNEGO implementations are available in the MIT and Heimdal Kerberos libraries, which support a broad range of operating systems, rendering the ISC implementation unnecessary and obsolete. Therefore, to reduce the attack surface for BIND users, we will be removing the ISC SPNEGO implementation in the April releases of BIND 9.11 and 9.16 (it had already been dropped from BIND 9.17). We would not normally remove something from a stable ESV (Extended Support Version) of BIND, but since system libraries can replace the ISC SPNEGO implementation, we have made an exception in this case for reasons of stability and security.
{
"affected": [],
"aliases": [
"CVE-2021-25216"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-190",
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-29T01:15:00Z",
"severity": "CRITICAL"
},
"details": "In BIND 9.5.0 -\u003e 9.11.29, 9.12.0 -\u003e 9.16.13, and versions BIND 9.11.3-S1 -\u003e 9.11.29-S1 and 9.16.8-S1 -\u003e 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -\u003e 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND\u0027s default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting values for the tkey-gssapi-keytab or tkey-gssapi-credential configuration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. For servers that meet these conditions, the ISC SPNEGO implementation is vulnerable to various attacks, depending on the CPU architecture for which BIND was built: For named binaries compiled for 64-bit platforms, this flaw can be used to trigger a buffer over-read, leading to a server crash. For named binaries compiled for 32-bit platforms, this flaw can be used to trigger a server crash due to a buffer overflow and possibly also to achieve remote code execution. We have determined that standard SPNEGO implementations are available in the MIT and Heimdal Kerberos libraries, which support a broad range of operating systems, rendering the ISC implementation unnecessary and obsolete. Therefore, to reduce the attack surface for BIND users, we will be removing the ISC SPNEGO implementation in the April releases of BIND 9.11 and 9.16 (it had already been dropped from BIND 9.17). We would not normally remove something from a stable ESV (Extended Support Version) of BIND, but since system libraries can replace the ISC SPNEGO implementation, we have made an exception in this case for reasons of stability and security.",
"id": "GHSA-4vh7-r4m9-4w3v",
"modified": "2022-05-24T17:49:12Z",
"published": "2022-05-24T17:49:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25216"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"type": "WEB",
"url": "https://kb.isc.org/v1/docs/cve-2021-25215"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210521-0006"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4909"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-657"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/04/29/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4VP8-CX5P-GWX4
Vulnerability from github – Published: 2022-05-01 07:15 – Updated: 2024-02-15 21:31BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
{
"affected": [],
"aliases": [
"CVE-2006-4095"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2006-09-06T00:04:00Z",
"severity": "MODERATE"
},
"details": "BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.",
"id": "GHSA-4vp8-cx5p-gwx4",
"modified": "2024-02-15T21:31:23Z",
"published": "2022-05-01T07:15:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4095"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28745"
},
{
"type": "WEB",
"url": "https://issues.rpath.com/browse/RPL-626"
},
{
"type": "WEB",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
},
{
"type": "WEB",
"url": "http://docs.info.apple.com/article.html?artnum=305530"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/21752"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/21786"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/21816"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/21818"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/21828"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/21835"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/21838"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/21912"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/21926"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/22298"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/24950"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/25402"
},
{
"type": "WEB",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200609-11.xml"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1016794"
},
{
"type": "WEB",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.481241"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/915404"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:163"
},
{
"type": "WEB",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en"
},
{
"type": "WEB",
"url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
},
{
"type": "WEB",
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"type": "WEB",
"url": "http://www.openbsd.org/errata.html"
},
{
"type": "WEB",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/445600/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/19859"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-343-1"
},
{
"type": "WEB",
"url": "http://www.us.debian.org/security/2006/dsa-1172"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2006/3473"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2007/1939"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4VWR-5VPH-4MJG
Vulnerability from github – Published: 2026-01-30 18:31 – Updated: 2026-01-30 21:30Insufficient epoch key slot processing in OpenVPN 2.7_alpha1 through 2.7_rc5 allows remote authenticated users to trigger an assert resulting in a denial of service
{
"affected": [],
"aliases": [
"CVE-2025-15497"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-30T18:15:55Z",
"severity": "LOW"
},
"details": "Insufficient epoch key slot processing in OpenVPN 2.7_alpha1 through 2.7_rc5 allows remote authenticated users to trigger an assert resulting in a denial of service",
"id": "GHSA-4vwr-5vph-4mjg",
"modified": "2026-01-30T21:30:22Z",
"published": "2026-01-30T18:31:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15497"
},
{
"type": "WEB",
"url": "https://community.openvpn.net/Security%20Announcements/CVE-2025-15497"
},
{
"type": "WEB",
"url": "https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00156.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-4WV2-475W-C2FW
Vulnerability from github – Published: 2022-05-13 01:07 – Updated: 2022-05-13 01:07An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default.
{
"affected": [],
"aliases": [
"CVE-2018-17204"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-09-19T16:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default.",
"id": "GHSA-4wv2-475w-c2fw",
"modified": "2022-05-13T01:07:36Z",
"published": "2022-05-13T01:07:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17204"
},
{
"type": "WEB",
"url": "https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:3500"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:0053"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:0081"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3873-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-4X4C-8QP9-8GGH
Vulnerability from github – Published: 2025-07-16 18:32 – Updated: 2025-11-05 00:31If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 (the only allowable value other than disabled), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or authoritative records, the daemon will abort with an assertion failure.
This issue affects BIND 9 versions 9.20.0 through 9.20.10, 9.21.0 through 9.21.9, and 9.20.9-S1 through 9.20.10-S1.
{
"affected": [],
"aliases": [
"CVE-2025-40777"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-16T18:15:24Z",
"severity": "HIGH"
},
"details": "If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only allowable value other than `disabled`), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or authoritative records, the daemon will abort with an assertion failure.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.10, 9.21.0 through 9.21.9, and 9.20.9-S1 through 9.20.10-S1.",
"id": "GHSA-4x4c-8qp9-8ggh",
"modified": "2025-11-05T00:31:21Z",
"published": "2025-07-16T18:32:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40777"
},
{
"type": "WEB",
"url": "https://kb.isc.org/docs/cve-2025-40777"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/07/16/6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4X7Q-RCVP-6CW4
Vulnerability from github – Published: 2022-01-21 00:00 – Updated: 2022-01-27 00:02There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' failed at /jerry-core/ecma/base/ecma-literal-storage.c in JerryScript 3.0.0.
{
"affected": [],
"aliases": [
"CVE-2021-46348"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-20T22:15:00Z",
"severity": "MODERATE"
},
"details": "There is an Assertion \u0027ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)\u0027 failed at /jerry-core/ecma/base/ecma-literal-storage.c in JerryScript 3.0.0.",
"id": "GHSA-4x7q-rcvp-6cw4",
"modified": "2022-01-27T00:02:23Z",
"published": "2022-01-21T00:00:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46348"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript/issues/4941"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-4XQW-XQG4-37MF
Vulnerability from github – Published: 2022-03-27 00:00 – Updated: 2022-04-01 00:00stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw.
{
"affected": [],
"aliases": [
"CVE-2022-27938"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-26T13:15:00Z",
"severity": "MODERATE"
},
"details": "stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw.",
"id": "GHSA-4xqw-xqg4-37mf",
"modified": "2022-04-01T00:00:49Z",
"published": "2022-03-27T00:00:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27938"
},
{
"type": "WEB",
"url": "https://github.com/saitoha/libsixel/issues/163"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)
Mitigation
Strategy: Input Validation
Perform input validation on user data.
No CAPEC attack patterns related to this CWE.