CWE-617
AllowedReachable Assertion
Abstraction: Base · Status: Draft
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
989 vulnerabilities reference this CWE, most recent first.
GHSA-8J48-R5WC-GVR3
Vulnerability from github – Published: 2024-05-14 18:31 – Updated: 2024-05-14 18:31An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.16 and MongoDB Server v6.0 versions prior to and including 6.0.5.
{
"affected": [],
"aliases": [
"CVE-2024-3374"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T16:17:31Z",
"severity": "MODERATE"
},
"details": "An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.16 and MongoDB Server v6.0 versions prior to and including 6.0.5.\n",
"id": "GHSA-8j48-r5wc-gvr3",
"modified": "2024-05-14T18:31:02Z",
"published": "2024-05-14T18:31:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3374"
},
{
"type": "WEB",
"url": "https://jira.mongodb.org/browse/SERVER-75601"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-8J78-7Q6F-P35C
Vulnerability from github – Published: 2022-09-14 00:00 – Updated: 2022-09-19 00:00LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp.
{
"affected": [],
"aliases": [
"CVE-2022-38496"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-13T21:15:00Z",
"severity": "MODERATE"
},
"details": "LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp.",
"id": "GHSA-8j78-7q6f-p35c",
"modified": "2022-09-19T00:00:28Z",
"published": "2022-09-14T00:00:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38496"
},
{
"type": "WEB",
"url": "https://github.com/lief-project/LIEF/issues/765"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8JG6-MX2M-9733
Vulnerability from github – Published: 2025-12-02 03:31 – Updated: 2025-12-02 15:30In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.
{
"affected": [],
"aliases": [
"CVE-2025-20792"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-02T03:16:20Z",
"severity": "MODERATE"
},
"details": "In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.",
"id": "GHSA-8jg6-mx2m-9733",
"modified": "2025-12-02T15:30:31Z",
"published": "2025-12-02T03:31:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20792"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/December-2025"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8JR5-3MRG-HM2V
Vulnerability from github – Published: 2025-12-25 06:30 – Updated: 2025-12-25 06:30Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service.
{
"affected": [],
"aliases": [
"CVE-2025-32095"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-25T05:16:06Z",
"severity": "HIGH"
},
"details": "Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service.",
"id": "GHSA-8jr5-3mrg-hm2v",
"modified": "2025-12-25T06:30:26Z",
"published": "2025-12-25T06:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32095"
},
{
"type": "WEB",
"url": "https://docs.pexip.com/admin/security_bulletins.htm"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8M5C-8FX3-Q2WX
Vulnerability from github – Published: 2022-02-18 00:00 – Updated: 2026-07-05 00:31There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9.
{
"affected": [],
"aliases": [
"CVE-2022-22901"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-17T03:15:00Z",
"severity": "MODERATE"
},
"details": "There is an Assertion in \u0027context_p-\u003enext_scanner_info_p-\u003etype == SCANNER_TYPE_FUNCTION\u0027 failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9.",
"id": "GHSA-8m5c-8fx3-q2wx",
"modified": "2026-07-05T00:31:24Z",
"published": "2022-02-18T00:00:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22901"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript/issues/4916"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript"
},
{
"type": "WEB",
"url": "http://jerryscript.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8MP9-P9G8-5RM9
Vulnerability from github – Published: 2026-06-26 21:32 – Updated: 2026-07-06 21:30In the Linux kernel, the following vulnerability has been resolved:
blk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default()
wbt_init_enable_default() uses WARN_ON_ONCE to check for failures from wbt_alloc() and wbt_init(). However, both are expected failure paths:
- wbt_alloc() can return NULL under memory pressure (-ENOMEM)
- wbt_init() can fail with -EBUSY if wbt is already registered
syzbot triggers this by injecting memory allocation failures during MTD partition creation via ioctl(BLKPG), causing a spurious warning.
wbt_init_enable_default() is a best-effort initialization called from blk_register_queue() with a void return type. Failure simply means the disk operates without writeback throttling, which is harmless.
Replace WARN_ON_ONCE with plain if-checks, consistent with how wbt_set_lat() in the same file already handles these failures. Add a pr_warn() for the wbt_init() failure to retain diagnostic information without triggering a full stack trace.
{
"affected": [],
"aliases": [
"CVE-2026-53319"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-26T20:17:25Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default()\n\nwbt_init_enable_default() uses WARN_ON_ONCE to check for failures from\nwbt_alloc() and wbt_init(). However, both are expected failure paths:\n\n- wbt_alloc() can return NULL under memory pressure (-ENOMEM)\n- wbt_init() can fail with -EBUSY if wbt is already registered\n\nsyzbot triggers this by injecting memory allocation failures during MTD\npartition creation via ioctl(BLKPG), causing a spurious warning.\n\nwbt_init_enable_default() is a best-effort initialization called from\nblk_register_queue() with a void return type. Failure simply means the\ndisk operates without writeback throttling, which is harmless.\n\nReplace WARN_ON_ONCE with plain if-checks, consistent with how\nwbt_set_lat() in the same file already handles these failures. Add a\npr_warn() for the wbt_init() failure to retain diagnostic information\nwithout triggering a full stack trace.",
"id": "GHSA-8mp9-p9g8-5rm9",
"modified": "2026-07-06T21:30:26Z",
"published": "2026-06-26T21:32:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53319"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e9b004ff83067cdf96774b45aea4b239ace99a2f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fd7a982657077469802594a5165bc30b9a55af70"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8PPX-RWM8-H7RP
Vulnerability from github – Published: 2025-01-22 15:32 – Updated: 2025-01-28 00:32Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an eNB Status Transfer message missing a required MME_UE_S1AP_ID field to repeatedly crash the MME, resulting in denial of service.
{
"affected": [],
"aliases": [
"CVE-2023-37010"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-22T15:15:10Z",
"severity": "MODERATE"
},
"details": "Open5GS MME versions \u003c= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `eNB Status Transfer` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.",
"id": "GHSA-8ppx-rwm8-h7rp",
"modified": "2025-01-28T00:32:13Z",
"published": "2025-01-22T15:32:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37010"
},
{
"type": "WEB",
"url": "https://cellularsecurity.org/ransacked"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-8Q73-2FWV-C9PP
Vulnerability from github – Published: 2026-03-06 21:30 – Updated: 2026-03-12 21:34A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 (2025-12-11), in file gc_decref_child in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort (SIGABRT) during garbage collection and causes a denial-of-service.
{
"affected": [],
"aliases": [
"CVE-2025-69653"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-06T19:16:11Z",
"severity": "MODERATE"
},
"details": "A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 (2025-12-11), in file gc_decref_child in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort (SIGABRT) during garbage collection and causes a denial-of-service.",
"id": "GHSA-8q73-2fwv-c9pp",
"modified": "2026-03-12T21:34:39Z",
"published": "2026-03-06T21:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69653"
},
{
"type": "WEB",
"url": "https://github.com/bellard/quickjs/issues/467"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8QC5-FVR8-G263
Vulnerability from github – Published: 2024-05-06 15:30 – Updated: 2024-05-06 15:30Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.
{
"affected": [],
"aliases": [
"CVE-2023-43529"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-06T15:15:20Z",
"severity": "HIGH"
},
"details": "Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.",
"id": "GHSA-8qc5-fvr8-g263",
"modified": "2024-05-06T15:30:39Z",
"published": "2024-05-06T15:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43529"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8QXR-QG3C-8M2W
Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2022-01-14 00:02A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).
{
"affected": [],
"aliases": [
"CVE-2021-46055"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-10T14:11:00Z",
"severity": "MODERATE"
},
"details": "A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).",
"id": "GHSA-8qxr-qg3c-8m2w",
"modified": "2022-01-14T00:02:37Z",
"published": "2022-01-11T00:01:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46055"
},
{
"type": "WEB",
"url": "https://github.com/WebAssembly/binaryen/issues/4413"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)
Mitigation
Strategy: Input Validation
Perform input validation on user data.
No CAPEC attack patterns related to this CWE.