Common Weakness Enumeration

CWE-617

Allowed

Reachable Assertion

Abstraction: Base · Status: Draft

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

989 vulnerabilities reference this CWE, most recent first.

GHSA-8J48-R5WC-GVR3

Vulnerability from github – Published: 2024-05-14 18:31 – Updated: 2024-05-14 18:31
VLAI
Details

An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.16 and MongoDB Server v6.0 versions prior to and including 6.0.5.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-3374"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-14T16:17:31Z",
    "severity": "MODERATE"
  },
  "details": "An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.16 and MongoDB Server v6.0 versions prior to and including 6.0.5.\n",
  "id": "GHSA-8j48-r5wc-gvr3",
  "modified": "2024-05-14T18:31:02Z",
  "published": "2024-05-14T18:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3374"
    },
    {
      "type": "WEB",
      "url": "https://jira.mongodb.org/browse/SERVER-75601"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8J78-7Q6F-P35C

Vulnerability from github – Published: 2022-09-14 00:00 – Updated: 2022-09-19 00:00
VLAI
Details

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-38496"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-13T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp.",
  "id": "GHSA-8j78-7q6f-p35c",
  "modified": "2022-09-19T00:00:28Z",
  "published": "2022-09-14T00:00:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38496"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lief-project/LIEF/issues/765"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8JG6-MX2M-9733

Vulnerability from github – Published: 2025-12-02 03:31 – Updated: 2025-12-02 15:30
VLAI
Details

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20792"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-02T03:16:20Z",
    "severity": "MODERATE"
  },
  "details": "In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.",
  "id": "GHSA-8jg6-mx2m-9733",
  "modified": "2025-12-02T15:30:31Z",
  "published": "2025-12-02T03:31:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20792"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/December-2025"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8JR5-3MRG-HM2V

Vulnerability from github – Published: 2025-12-25 06:30 – Updated: 2025-12-25 06:30
VLAI
Details

Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-32095"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-25T05:16:06Z",
    "severity": "HIGH"
  },
  "details": "Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service.",
  "id": "GHSA-8jr5-3mrg-hm2v",
  "modified": "2025-12-25T06:30:26Z",
  "published": "2025-12-25T06:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32095"
    },
    {
      "type": "WEB",
      "url": "https://docs.pexip.com/admin/security_bulletins.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8M5C-8FX3-Q2WX

Vulnerability from github – Published: 2022-02-18 00:00 – Updated: 2026-07-05 00:31
VLAI
Details

There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22901"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-17T03:15:00Z",
    "severity": "MODERATE"
  },
  "details": "There is an Assertion in \u0027context_p-\u003enext_scanner_info_p-\u003etype == SCANNER_TYPE_FUNCTION\u0027 failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9.",
  "id": "GHSA-8m5c-8fx3-q2wx",
  "modified": "2026-07-05T00:31:24Z",
  "published": "2022-02-18T00:00:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22901"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jerryscript-project/jerryscript/issues/4916"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jerryscript-project/jerryscript"
    },
    {
      "type": "WEB",
      "url": "http://jerryscript.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8MP9-P9G8-5RM9

Vulnerability from github – Published: 2026-06-26 21:32 – Updated: 2026-07-06 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

blk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default()

wbt_init_enable_default() uses WARN_ON_ONCE to check for failures from wbt_alloc() and wbt_init(). However, both are expected failure paths:

  • wbt_alloc() can return NULL under memory pressure (-ENOMEM)
  • wbt_init() can fail with -EBUSY if wbt is already registered

syzbot triggers this by injecting memory allocation failures during MTD partition creation via ioctl(BLKPG), causing a spurious warning.

wbt_init_enable_default() is a best-effort initialization called from blk_register_queue() with a void return type. Failure simply means the disk operates without writeback throttling, which is harmless.

Replace WARN_ON_ONCE with plain if-checks, consistent with how wbt_set_lat() in the same file already handles these failures. Add a pr_warn() for the wbt_init() failure to retain diagnostic information without triggering a full stack trace.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-53319"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-26T20:17:25Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default()\n\nwbt_init_enable_default() uses WARN_ON_ONCE to check for failures from\nwbt_alloc() and wbt_init(). However, both are expected failure paths:\n\n- wbt_alloc() can return NULL under memory pressure (-ENOMEM)\n- wbt_init() can fail with -EBUSY if wbt is already registered\n\nsyzbot triggers this by injecting memory allocation failures during MTD\npartition creation via ioctl(BLKPG), causing a spurious warning.\n\nwbt_init_enable_default() is a best-effort initialization called from\nblk_register_queue() with a void return type. Failure simply means the\ndisk operates without writeback throttling, which is harmless.\n\nReplace WARN_ON_ONCE with plain if-checks, consistent with how\nwbt_set_lat() in the same file already handles these failures. Add a\npr_warn() for the wbt_init() failure to retain diagnostic information\nwithout triggering a full stack trace.",
  "id": "GHSA-8mp9-p9g8-5rm9",
  "modified": "2026-07-06T21:30:26Z",
  "published": "2026-06-26T21:32:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53319"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e9b004ff83067cdf96774b45aea4b239ace99a2f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fd7a982657077469802594a5165bc30b9a55af70"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8PPX-RWM8-H7RP

Vulnerability from github – Published: 2025-01-22 15:32 – Updated: 2025-01-28 00:32
VLAI
Details

Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an eNB Status Transfer message missing a required MME_UE_S1AP_ID field to repeatedly crash the MME, resulting in denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-37010"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-22T15:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Open5GS MME versions \u003c= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `eNB Status Transfer` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.",
  "id": "GHSA-8ppx-rwm8-h7rp",
  "modified": "2025-01-28T00:32:13Z",
  "published": "2025-01-22T15:32:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37010"
    },
    {
      "type": "WEB",
      "url": "https://cellularsecurity.org/ransacked"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8Q73-2FWV-C9PP

Vulnerability from github – Published: 2026-03-06 21:30 – Updated: 2026-03-12 21:34
VLAI
Details

A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 (2025-12-11), in file gc_decref_child in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort (SIGABRT) during garbage collection and causes a denial-of-service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-69653"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-06T19:16:11Z",
    "severity": "MODERATE"
  },
  "details": "A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 (2025-12-11), in file gc_decref_child in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort (SIGABRT) during garbage collection and causes a denial-of-service.",
  "id": "GHSA-8q73-2fwv-c9pp",
  "modified": "2026-03-12T21:34:39Z",
  "published": "2026-03-06T21:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69653"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bellard/quickjs/issues/467"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8QC5-FVR8-G263

Vulnerability from github – Published: 2024-05-06 15:30 – Updated: 2024-05-06 15:30
VLAI
Details

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-43529"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-06T15:15:20Z",
    "severity": "HIGH"
  },
  "details": "Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.",
  "id": "GHSA-8qc5-fvr8-g263",
  "modified": "2024-05-06T15:30:39Z",
  "published": "2024-05-06T15:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43529"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8QXR-QG3C-8M2W

Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2022-01-14 00:02
VLAI
Details

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-46055"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-10T14:11:00Z",
    "severity": "MODERATE"
  },
  "details": "A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).",
  "id": "GHSA-8qxr-qg3c-8m2w",
  "modified": "2022-01-14T00:02:37Z",
  "published": "2022-01-11T00:01:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46055"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WebAssembly/binaryen/issues/4413"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation
Implementation

Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)

Mitigation
Implementation

Strategy: Input Validation

Perform input validation on user data.

No CAPEC attack patterns related to this CWE.