CWE-617
AllowedReachable Assertion
Abstraction: Base · Status: Draft
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
989 vulnerabilities reference this CWE, most recent first.
GHSA-JXC4-R8MV-R847
Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an assertion failure vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
{
"affected": [],
"aliases": [
"CVE-2020-20211"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-07T14:15:00Z",
"severity": "MODERATE"
},
"details": "Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an assertion failure vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.",
"id": "GHSA-jxc4-r8mv-r847",
"modified": "2022-05-24T19:07:06Z",
"published": "2022-05-24T19:07:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20211"
},
{
"type": "WEB",
"url": "https://mikrotik.com"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2021/May/0"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-M2JR-X4GQ-5RMJ
Vulnerability from github – Published: 2026-06-02 00:31 – Updated: 2026-07-09 13:43A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lora_path leads to reachable assertion. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "sglang"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.5.10.post1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-10300"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-09T13:43:55Z",
"nvd_published_at": "2026-06-01T23:16:19Z",
"severity": "LOW"
},
"details": "A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lora_path leads to reachable assertion. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.",
"id": "GHSA-m2jr-x4gq-5rmj",
"modified": "2026-07-09T13:43:55Z",
"published": "2026-06-02T00:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10300"
},
{
"type": "WEB",
"url": "https://github.com/sgl-project/sglang/issues/23141"
},
{
"type": "WEB",
"url": "https://github.com/sgl-project/sglang/pull/25078"
},
{
"type": "WEB",
"url": "https://github.com/sgl-project/sglang"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-10300"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/828086"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367593"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367593/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "SGLang: Reachable Assertion via \u00a0lora_path\u00a0 in LoRAManager enables remote Denial of Dervice"
}
GHSA-M2WV-VGV6-F4HV
Vulnerability from github – Published: 2024-12-19 21:31 – Updated: 2025-05-28 15:33Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service.
If a watchdog timer is not enabled, a hard reset is required to recover the device.
{
"affected": [],
"aliases": [
"CVE-2024-7139"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-19T20:15:08Z",
"severity": "MODERATE"
},
"details": "Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service.\u00a0\n\nIf a watchdog timer is not enabled, a hard reset is required to recover the device.",
"id": "GHSA-m2wv-vgv6-f4hv",
"modified": "2025-05-28T15:33:57Z",
"published": "2024-12-19T21:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7139"
},
{
"type": "WEB",
"url": "https://community.silabs.com/068Vm00000F9zre"
},
{
"type": "WEB",
"url": "https://community.silabs.com/068Vm00000I5mjD"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M3QQ-9RCV-84V8
Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
{
"affected": [],
"aliases": [
"CVE-2021-1953"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-13T06:15:00Z",
"severity": "HIGH"
},
"details": "Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking",
"id": "GHSA-m3qq-9rcv-84v8",
"modified": "2022-05-24T19:07:45Z",
"published": "2022-05-24T19:07:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1953"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-M3R7-HP4V-Q24G
Vulnerability from github – Published: 2025-10-27 15:30 – Updated: 2025-10-29 12:30Reachable Assertion vulnerability in Open5GS up to version 2.7.5 allows attackers with connectivity to the NRF to cause a denial of service. An SBI request that deletes the NRF's own registry causes a check that ends up crashing the NRF process and renders the discovery service unavailable.
{
"affected": [],
"aliases": [
"CVE-2025-41067"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-27T13:15:44Z",
"severity": "HIGH"
},
"details": "Reachable Assertion vulnerability in Open5GS up to version 2.7.5 allows attackers with connectivity to the NRF to cause a denial of service. An SBI request that deletes the NRF\u0027s own registry causes a check that ends up crashing the NRF process and renders the discovery service unavailable.",
"id": "GHSA-m3r7-hp4v-q24g",
"modified": "2025-10-29T12:30:25Z",
"published": "2025-10-27T15:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41067"
},
{
"type": "WEB",
"url": "https://open5gs.org/open5gs/release/2025/03/30/release-v2.7.5.html"
},
{
"type": "WEB",
"url": "https://open5gs.org/open5gs/release/2025/07/19/release-v2.7.6.html"
},
{
"type": "WEB",
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-newplanes-open5gs"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-M424-X6WR-WWGW
Vulnerability from github – Published: 2026-05-08 15:31 – Updated: 2026-05-18 12:31In the Linux kernel, the following vulnerability has been resolved:
perf/x86/intel/uncore: Fix die ID init and look up bugs
In snbep_pci2phy_map_init(), in the nr_node_ids > 8 path, uncore_device_to_die() may return -1 when all CPUs associated with the UBOX device are offline.
Remove the WARN_ON_ONCE(die_id == -1) check for two reasons:
-
The current code breaks out of the loop. This is incorrect because pci_get_device() does not guarantee iteration in domain or bus order, so additional UBOX devices may be skipped during the scan.
-
Returning -EINVAL is incorrect, since marking offline buses with die_id == -1 is expected and should not be treated as an error.
Separately, when NUMA is disabled on a NUMA-capable platform, pcibus_to_node() returns NUMA_NO_NODE, causing uncore_device_to_die() to return -1 for all PCI devices. As a result, spr_update_device_location(), used on Intel SPR and EMR, ignores the corresponding PMON units and does not add them to the RB tree.
Fix this by using uncore_pcibus_to_dieid(), which retrieves topology from the UBOX GIDNIDMAP register and works regardless of whether NUMA is enabled in Linux. This requires snbep_pci2phy_map_init() to be added in spr_uncore_pci_init().
Keep uncore_device_to_die() only for the nr_node_ids > 8 case, where NUMA is expected to be enabled.
{
"affected": [],
"aliases": [
"CVE-2026-43344"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-08T14:16:44Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel/uncore: Fix die ID init and look up bugs\n\nIn snbep_pci2phy_map_init(), in the nr_node_ids \u003e 8 path,\nuncore_device_to_die() may return -1 when all CPUs associated\nwith the UBOX device are offline.\n\nRemove the WARN_ON_ONCE(die_id == -1) check for two reasons:\n\n- The current code breaks out of the loop. This is incorrect because\n pci_get_device() does not guarantee iteration in domain or bus order,\n so additional UBOX devices may be skipped during the scan.\n\n- Returning -EINVAL is incorrect, since marking offline buses with\n die_id == -1 is expected and should not be treated as an error.\n\nSeparately, when NUMA is disabled on a NUMA-capable platform,\npcibus_to_node() returns NUMA_NO_NODE, causing uncore_device_to_die()\nto return -1 for all PCI devices. As a result,\nspr_update_device_location(), used on Intel SPR and EMR, ignores the\ncorresponding PMON units and does not add them to the RB tree.\n\nFix this by using uncore_pcibus_to_dieid(), which retrieves topology\nfrom the UBOX GIDNIDMAP register and works regardless of whether NUMA\nis enabled in Linux. This requires snbep_pci2phy_map_init() to be\nadded in spr_uncore_pci_init().\n\nKeep uncore_device_to_die() only for the nr_node_ids \u003e 8 case, where\nNUMA is expected to be enabled.",
"id": "GHSA-m424-x6wr-wwgw",
"modified": "2026-05-18T12:31:46Z",
"published": "2026-05-08T15:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43344"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6a5dc3ee97581da2907fc7acd62853f07184de67"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a16d1ec4dd0cdcf689f324adde6067083bce9099"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M427-5J3M-C367
Vulnerability from github – Published: 2026-02-13 06:30 – Updated: 2026-03-02 18:31A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
{
"affected": [],
"aliases": [
"CVE-2025-48019"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-13T05:16:09Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation.\nIf affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated.\nThe affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier",
"id": "GHSA-m427-5j3m-c367",
"modified": "2026-03-02T18:31:38Z",
"published": "2026-02-13T06:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48019"
},
{
"type": "WEB",
"url": "https://web-material3.yokogawa.com/1/39281/files/YSAR-26-0002-E.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-M44G-HQ47-38XW
Vulnerability from github – Published: 2025-05-20 18:30 – Updated: 2025-11-10 21:30In the Linux kernel, the following vulnerability has been resolved:
drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()
Nouveau is mostly designed in a way that it's expected that fences only ever get signaled through nouveau_fence_signal(). However, in at least one other place, nouveau_fence_done(), can signal fences, too. If that happens (race) a signaled fence remains in the pending list for a while, until it gets removed by nouveau_fence_update().
Should nouveau_fence_context_kill() run in the meantime, this would be a bug because the function would attempt to set an error code on an already signaled fence.
Have nouveau_fence_context_kill() check for a fence being signaled.
{
"affected": [],
"aliases": [
"CVE-2025-37930"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-20T16:15:29Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"id": "GHSA-m44g-hq47-38xw",
"modified": "2025-11-10T21:30:30Z",
"published": "2025-05-20T18:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37930"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0453825167ecc816ec15c736e52316f69db0deb9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/126f5c6e0cb84e5c6f7a3a856d799d85668fb38e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2ec0f5f6d4768f292c8406ed92fa699f184577e5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/39d6e889c0b19a2c79e1c74c843ea7c2d0f99c28"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/47ca11836c35c5698088fd87f7fb4b0ffa217e17"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b771b2017260ffc3a8d4e81266619649bffcb242"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bbe5679f30d7690a9b6838a583b9690ea73fe0e9"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M4VX-CCRF-W399
Vulnerability from github – Published: 2022-09-14 00:00 – Updated: 2022-09-20 18:15In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files which are not correctly base 64 encoded are treated as a fatal error and causes Routinator to exit. Worst case impact of this vulnerability is denial of service for the RPKI data that Routinator provides to routers. This may stop your network from validating route origins based on RPKI data. This vulnerability does not allow an attacker to manipulate RPKI data.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "routinator"
},
"ranges": [
{
"events": [
{
"introduced": "0.9.0"
},
{
"fixed": "0.11.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-3029"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": true,
"github_reviewed_at": "2022-09-20T18:15:00Z",
"nvd_published_at": "2022-09-13T16:15:00Z",
"severity": "HIGH"
},
"details": "In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files which are not correctly base 64 encoded are treated as a fatal error and causes Routinator to exit. Worst case impact of this vulnerability is denial of service for the RPKI data that Routinator provides to routers. This may stop your network from validating route origins based on RPKI data. This vulnerability does not allow an attacker to manipulate RPKI data.",
"id": "GHSA-m4vx-ccrf-w399",
"modified": "2022-09-20T18:15:00Z",
"published": "2022-09-14T00:00:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3029"
},
{
"type": "WEB",
"url": "https://github.com/NLnetLabs/routinator/pull/781/commits/c2e2476f28f09ea5ffb22d172d84fb4f8384d496"
},
{
"type": "PACKAGE",
"url": "https://github.com/NLnetLabs/routinator"
},
{
"type": "WEB",
"url": "https://github.com/NLnetLabs/routinator/releases/tag/v0.11.3"
},
{
"type": "WEB",
"url": "https://www.nlnetlabs.nl/downloads/routinator/CVE-2022-3029.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "NLnet Labs Routinator has Reachable Assertion vulnerability"
}
GHSA-M5X7-29RP-3XMR
Vulnerability from github – Published: 2026-07-06 18:31 – Updated: 2026-07-09 15:32OpenVPN version 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled
{
"affected": [],
"aliases": [
"CVE-2026-13122"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-06T16:16:28Z",
"severity": "MODERATE"
},
"details": "OpenVPN version 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled",
"id": "GHSA-m5x7-29rp-3xmr",
"modified": "2026-07-09T15:32:19Z",
"published": "2026-07-06T18:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13122"
},
{
"type": "WEB",
"url": "https://community.openvpn.net/Security%20Announcements/CVE-2026-13122"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)
Mitigation
Strategy: Input Validation
Perform input validation on user data.
No CAPEC attack patterns related to this CWE.