Common Weakness Enumeration

CWE-754

Allowed-with-Review

Improper Check for Unusual or Exceptional Conditions

Abstraction: Class · Status: Incomplete

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

906 vulnerabilities reference this CWE, most recent first.

GHSA-3R3R-W8V7-6JQQ

Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2024-04-04 00:41
VLAI
Details

A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs when the affected software processes specific EVPN routing information. An attacker could exploit this vulnerability by injecting malicious traffic patterns into the targeted EVPN network. A successful exploit could result in a crash of the l2vpn_mgr process on Provider Edge (PE) device members of the same EVPN instance (EVI). On each of the affected devices, a crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that would require manual intervention to restore normal operating conditions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-1849"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-16T02:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs when the affected software processes specific EVPN routing information. An attacker could exploit this vulnerability by injecting malicious traffic patterns into the targeted EVPN network. A successful exploit could result in a crash of the l2vpn_mgr process on Provider Edge (PE) device members of the same EVPN instance (EVI). On each of the affected devices, a crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that would require manual intervention to restore normal operating conditions.",
  "id": "GHSA-3r3r-w8v7-6jqq",
  "modified": "2024-04-04T00:41:24Z",
  "published": "2022-05-24T16:45:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1849"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-iosxr-evpn-dos"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108342"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3VJ6-JFR6-4CF4

Vulnerability from github – Published: 2026-02-10 18:30 – Updated: 2026-02-10 18:30
VLAI
Details

Improper conditions check for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable [cvss_threat_loss_factor]. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20070"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-10T17:16:11Z",
    "severity": "MODERATE"
  },
  "details": "Improper conditions check for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable [cvss_threat_loss_factor]. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.",
  "id": "GHSA-3vj6-jfr6-4cf4",
  "modified": "2026-02-10T18:30:39Z",
  "published": "2026-02-10T18:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20070"
    },
    {
      "type": "WEB",
      "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01323.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3VQF-RM2X-WV2W

Vulnerability from github – Published: 2022-01-20 00:01 – Updated: 2022-01-27 00:03
VLAI
Details

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause the PFE to reset. This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2; 21.3 versions prior to 21.3R1-S1, 21.3R2. This issue does not affect versions of Junos OS prior to 19.4R1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22171"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-19T01:15:00Z",
    "severity": "HIGH"
  },
  "details": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause the PFE to reset. This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2; 21.3 versions prior to 21.3R1-S1, 21.3R2. This issue does not affect versions of Junos OS prior to 19.4R1.",
  "id": "GHSA-3vqf-rm2x-wv2w",
  "modified": "2022-01-27T00:03:43Z",
  "published": "2022-01-20T00:01:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22171"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA11277"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-3VQQ-45QG-2XF6

Vulnerability from github – Published: 2026-01-27 18:32 – Updated: 2026-05-12 15:31
VLAI
Details

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file.

Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service.

A type confusion vulnerability exists in PKCS#12 parsing code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid pointer read.

The location is constrained to a 1-byte address space, meaning any attempted pointer manipulation can only target addresses between 0x00 and 0xFF. This range corresponds to the zero page, which is unmapped on most modern operating systems and will reliably result in a crash, leading only to a Denial of Service. Exploiting this issue also requires a user or application to process a maliciously crafted PKCS#12 file. It is uncommon to accept untrusted PKCS#12 files in applications as they are usually used to store private keys which are trusted by definition. For these reasons, the issue was assessed as Low severity.

The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS12 implementation is outside the OpenSSL FIPS module boundary.

OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.

OpenSSL 1.0.2 is not affected by this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-22795"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-27T16:16:35Z",
    "severity": "MODERATE"
  },
  "details": "Issue summary: An invalid or NULL pointer dereference can happen in\nan application processing a malformed PKCS#12 file.\n\nImpact summary: An application processing a malformed PKCS#12 file can be\ncaused to dereference an invalid or NULL pointer on memory read, resulting\nin a Denial of Service.\n\nA type confusion vulnerability exists in PKCS#12 parsing code where\nan ASN1_TYPE union member is accessed without first validating the type,\ncausing an invalid pointer read.\n\nThe location is constrained to a 1-byte address space, meaning any\nattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\nThis range corresponds to the zero page, which is unmapped on most modern\noperating systems and will reliably result in a crash, leading only to a\nDenial of Service. Exploiting this issue also requires a user or application\nto process a maliciously crafted PKCS#12 file. It is uncommon to accept\nuntrusted PKCS#12 files in applications as they are usually used to store\nprivate keys which are trusted by definition. For these reasons, the issue\nwas assessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.",
  "id": "GHSA-3vqq-45qg-2xf6",
  "modified": "2026-05-12T15:31:14Z",
  "published": "2026-01-27T18:32:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
    },
    {
      "type": "WEB",
      "url": "https://openssl-library.org/news/secadv/20260127.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3VV9-RRP8-6JQF

Vulnerability from github – Published: 2024-11-08 06:30 – Updated: 2025-11-04 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: ocelot: fix system hang on level based interrupts

The current implementation only calls chained_irq_enter() and chained_irq_exit() if it detects pending interrupts.

for (i = 0; i < info->stride; i++) {
    uregmap_read(info->map, id_reg + 4 * i, &reg);
    if (!reg)
        continue;

    chained_irq_enter(parent_chip, desc);

However, in case of GPIO pin configured in level mode and the parent controller configured in edge mode, GPIO interrupt might be lowered by the hardware. In the result, if the interrupt is short enough, the parent interrupt is still pending while the GPIO interrupt is cleared; chained_irq_enter() never gets called and the system hangs trying to service the parent interrupt.

Moving chained_irq_enter() and chained_irq_exit() outside the for loop ensures that they are called even when GPIO interrupt is lowered by the hardware.

The similar code with chained_irq_enter() / chained_irq_exit() functions wrapping interrupt checking loop may be found in many other drivers:

grep -r -A 10 chained_irq_enter drivers/pinctrl
Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50196"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-08T06:15:16Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: ocelot: fix system hang on level based interrupts\n\nThe current implementation only calls chained_irq_enter() and\nchained_irq_exit() if it detects pending interrupts.\n\n```\nfor (i = 0; i \u003c info-\u003estride; i++) {\n\turegmap_read(info-\u003emap, id_reg + 4 * i, \u0026reg);\n\tif (!reg)\n\t\tcontinue;\n\n\tchained_irq_enter(parent_chip, desc);\n```\n\nHowever, in case of GPIO pin configured in level mode and the parent\ncontroller configured in edge mode, GPIO interrupt might be lowered by the\nhardware. In the result, if the interrupt is short enough, the parent\ninterrupt is still pending while the GPIO interrupt is cleared;\nchained_irq_enter() never gets called and the system hangs trying to\nservice the parent interrupt.\n\nMoving chained_irq_enter() and chained_irq_exit() outside the for loop\nensures that they are called even when GPIO interrupt is lowered by the\nhardware.\n\nThe similar code with chained_irq_enter() / chained_irq_exit() functions\nwrapping interrupt checking loop may be found in many other drivers:\n```\ngrep -r -A 10 chained_irq_enter drivers/pinctrl\n```",
  "id": "GHSA-3vv9-rrp8-6jqf",
  "modified": "2025-11-04T00:31:57Z",
  "published": "2024-11-08T06:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50196"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/20728e86289ab463b99b7ab4425515bd26aba417"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4a81800ef05bea5a9896f199677f7b7f5020776a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/655f5d4662b958122b260be05aa6dfdf8768efe6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/93b8ddc54507a227087c60a0013ed833b6ae7d3c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dcbe9954634807ec54e22bde278b5b269f921381"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3VVM-PM5R-55F5

Vulnerability from github – Published: 2022-05-13 01:22 – Updated: 2022-05-13 01:22
VLAI
Details

Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-5763"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-02-19T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
  "id": "GHSA-3vvm-pm5r-55f5",
  "modified": "2022-05-13T01:22:32Z",
  "published": "2022-05-13T01:22:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5763"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:0309"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/914731"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JVFHYCJGMZQUKYSIE2BXE4NLEGFGUXU5"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQOP53LXXPRGD4N5OBKGQTSMFXT32LF6"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2019/dsa-4395"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106767"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3W94-VQ2X-V5WR

Vulnerability from github – Published: 2025-07-02 15:12 – Updated: 2025-07-02 18:59
VLAI
Summary
ethereum does not check transaction malleability for EIP-2930, EIP-1559 and EIP-7702 transactions
Details

Impact

Prior to ethereum crate v0.18.0, signature malleability (according to EIP-2) was only checked for "legacy" transactions, but not for EIP-2930, EIP-1559 and EIP-7702 transactions.

This is a specification deviation and therefore a high severity advisory if the ethereum crate is used for Ethereum mainnet. Note that signature malleability itself is not a security issue, and therefore if the ethereum crate is used on a single-implementation blockchain, it's a low/informational severity advisory.

Patches

The issue is fixed in ethereum v0.18.0

Workarounds

You can also manually check transaction malleability outside of the crate. But it's recommended to simply upgrade the version.

References

See PR: https://github.com/rust-ethereum/ethereum/pull/67

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "ethereum"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.18.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-53359"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-02T15:12:18Z",
    "nvd_published_at": "2025-07-02T16:15:29Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nPrior to `ethereum` crate v0.18.0, signature malleability (according to EIP-2) was only checked for \"legacy\" transactions, but not for EIP-2930, EIP-1559 and EIP-7702 transactions.\n\nThis is a specification deviation and therefore a high severity advisory if the `ethereum` crate is used for Ethereum mainnet. Note that signature malleability itself is not a security issue, and therefore if the `ethereum` crate is used on a single-implementation blockchain, it\u0027s a low/informational severity advisory.\n\n### Patches\n\nThe issue is fixed in `ethereum` v0.18.0\n\n### Workarounds\n\nYou can also manually check transaction malleability outside of the crate. But it\u0027s recommended to simply upgrade the version.\n\n### References\n\nSee PR: https://github.com/rust-ethereum/ethereum/pull/67",
  "id": "GHSA-3w94-vq2x-v5wr",
  "modified": "2025-07-02T18:59:52Z",
  "published": "2025-07-02T15:12:18Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rust-ethereum/ethereum/security/advisories/GHSA-3w94-vq2x-v5wr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53359"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-ethereum/ethereum/pull/67"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-ethereum/ethereum/commit/2dd9d1d5d0936ec7350093ff3a5a7169a349db77"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rust-ethereum/ethereum"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "ethereum does not check transaction malleability for EIP-2930, EIP-1559 and EIP-7702 transactions"
}

GHSA-3WFP-66X3-WGQ2

Vulnerability from github – Published: 2026-02-24 15:30 – Updated: 2026-02-25 21:31
VLAI
Details

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-2801"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-24T14:16:28Z",
    "severity": "HIGH"
  },
  "details": "Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox \u003c 148.",
  "id": "GHSA-3wfp-66x3-wgq2",
  "modified": "2026-02-25T21:31:18Z",
  "published": "2026-02-24T15:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2801"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009901"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-13"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-16"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3X79-RFWC-8CJP

Vulnerability from github – Published: 2022-05-24 17:10 – Updated: 2022-05-24 17:10
VLAI
Details

Improper conditions check in Intel(R) Graphics Drivers before versions 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212 may allow an authenticated user to potentially enable information disclosure and denial of service via local

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-0505"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-03-12T18:15:00Z",
    "severity": "LOW"
  },
  "details": "Improper conditions check in Intel(R) Graphics Drivers before versions 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212 may allow an authenticated user to potentially enable information disclosure and denial of service via local",
  "id": "GHSA-3x79-rfwc-8cjp",
  "modified": "2022-05-24T17:10:50Z",
  "published": "2022-05-24T17:10:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0505"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20200320-0003"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-3XFQ-3889-4Q8M

Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2022-05-24 17:34
VLAI
Details

Improper conditions check in the Intel(R) SGX DCAP software before version 1.6 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-8766"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-12T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper conditions check in the Intel(R) SGX DCAP software before version 1.6 may allow an unauthenticated user to potentially enable denial of service via adjacent access.",
  "id": "GHSA-3xfq-3889-4q8m",
  "modified": "2022-05-24T17:34:13Z",
  "published": "2022-05-24T17:34:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8766"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00398"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • Choose languages with features such as exception handling that force the programmer to anticipate unusual conditions that may generate exceptions. Custom exceptions may need to be developed to handle unusual business-logic conditions. Be careful not to pass sensitive exceptions back to the user (CWE-209, CWE-248).
Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is expected.

Mitigation
Implementation

If using exception handling, catch and throw specific exceptions instead of overly-general exceptions (CWE-396, CWE-397). Catch and handle exceptions as locally as possible so that exceptions do not propagate too far up the call stack (CWE-705). Avoid unchecked or uncaught exceptions where feasible (CWE-248).

Mitigation MIT-39
Implementation
  • Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
  • If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
  • Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
  • Exposing additional information to a potential attacker in the context of an exceptional condition can help the attacker determine what attack vectors are most likely to succeed beyond DoS.
Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-38
Architecture and Design Implementation

If the program must fail, ensure that it fails gracefully (fails closed). There may be a temptation to simply let the program fail poorly in cases such as low memory conditions, but an attacker may be able to assert control before the software has fully exited. Alternately, an uncontrolled failure could cause cascading problems with other downstream components; for example, the program could send a signal to a downstream process so the process immediately knows that a problem has occurred and has a better chance of recovery.

Mitigation
Architecture and Design

Use system limits, which should help to prevent resource exhaustion. However, the product should still handle low resource conditions since they may still occur.

No CAPEC attack patterns related to this CWE.