CWE-754
Allowed-with-ReviewImproper Check for Unusual or Exceptional Conditions
Abstraction: Class · Status: Incomplete
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
909 vulnerabilities reference this CWE, most recent first.
GHSA-7FWX-JJQR-3GXQ
Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-10-27 19:00An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP packets which are being VXLAN encapsulated leading to a partial Denial of Service (DoS). Continued receipted of these specific traffic will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on QFX Series: All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S3, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS on PTX Series: All versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.
{
"affected": [],
"aliases": [
"CVE-2021-31361"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-19T19:15:00Z",
"severity": "MODERATE"
},
"details": "An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP packets which are being VXLAN encapsulated leading to a partial Denial of Service (DoS). Continued receipted of these specific traffic will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on QFX Series: All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S3, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS on PTX Series: All versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.",
"id": "GHSA-7fwx-jjqr-3gxq",
"modified": "2022-10-27T19:00:31Z",
"published": "2022-05-24T19:17:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31361"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA11223"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-7GJJ-W4X7-8QQR
Vulnerability from github – Published: 2022-05-14 03:46 – Updated: 2025-04-20 03:49In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
{
"affected": [],
"aliases": [
"CVE-2017-17084"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-01T08:29:00Z",
"severity": "HIGH"
},
"details": "In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.",
"id": "GHSA-7gjj-w4x7-8qqr",
"modified": "2025-04-20T03:49:18Z",
"published": "2022-05-14T03:46:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17084"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14236"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8502fe94ef9e431860921507e1a351c5e3f5c634"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8502fe94ef9e431860921507e1a351c5e3f5c634"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00029.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-4060"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2017-47.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102030"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7HWV-GXWQ-2G5P
Vulnerability from github – Published: 2022-05-24 17:01 – Updated: 2024-04-04 02:40A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get host network access on an cri-o host.
{
"affected": [],
"aliases": [
"CVE-2019-14891"
],
"database_specific": {
"cwe_ids": [
"CWE-460",
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-25T11:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get host network access on an cri-o host.",
"id": "GHSA-7hwv-gxwq-2g5p",
"modified": "2024-04-04T02:40:30Z",
"published": "2022-05-24T17:01:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14891"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14891"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-7HX3-GGMH-4QRX
Vulnerability from github – Published: 2024-02-27 09:31 – Updated: 2024-04-17 18:31In the Linux kernel, the following vulnerability has been resolved:
ARM: footbridge: fix PCI interrupt mapping
Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probed. If these are marked as __init, this causes an oops if a PCI driver is loaded or bound after the kernel has initialised.
{
"affected": [],
"aliases": [
"CVE-2021-46909"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-27T07:15:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: footbridge: fix PCI interrupt mapping\n\nSince commit 30fdfb929e82 (\"PCI: Add a call to pci_assign_irq() in\npci_device_probe()\"), the PCI code will call the IRQ mapping function\nwhenever a PCI driver is probed. If these are marked as __init, this\ncauses an oops if a PCI driver is loaded or bound after the kernel has\ninitialised.",
"id": "GHSA-7hx3-ggmh-4qrx",
"modified": "2024-04-17T18:31:31Z",
"published": "2024-02-27T09:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46909"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1fc087fdb98d556b416c82ed6e3964a30885f47a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2643da6aa57920d9159a1a579fb04f89a2b0d29a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/30e3b4f256b4e366a61658c294f6a21b8626dda7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/871b569a3e67f570df9f5ba195444dc7c621293b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c3efce8cc9807339633ee30e39882f4c8626ee1d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7MQR-2V3Q-V2WM
Vulnerability from github – Published: 2021-05-24 16:57 – Updated: 2023-02-14 00:21Impact
The TokenRevocationHandler ignores errors coming from the storage. This can lead to unexpected 200 status codes indicating successful revocation while the token is still valid. Whether an attacker can use this for her advantage depends on the ability to trigger errors in the store.
References
RFC 7009 states that a 503 HTTP code must be returned when the server has a problem.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/ory/fosite"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.34.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-15223"
],
"database_specific": {
"cwe_ids": [
"CWE-754",
"CWE-755"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-24T12:53:07Z",
"nvd_published_at": "2020-09-24T17:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nThe `TokenRevocationHandler` ignores errors coming from the storage. This can lead to unexpected 200 status codes indicating successful revocation while the token is still valid. Whether an attacker can use this for her advantage depends on the ability to trigger errors in the store.\n\n### References\n[RFC 7009](https://tools.ietf.org/html/rfc7009#section-2.2.1) states that a 503 HTTP code must be returned when the server has a problem.",
"id": "GHSA-7mqr-2v3q-v2wm",
"modified": "2023-02-14T00:21:03Z",
"published": "2021-05-24T16:57:39Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ory/fosite/security/advisories/GHSA-7mqr-2v3q-v2wm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15223"
},
{
"type": "WEB",
"url": "https://github.com/ory/fosite/commit/03dd55813f5521985f7dd64277b7ba0cf1441319"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2021-0109"
},
{
"type": "WEB",
"url": "https://tools.ietf.org/html/rfc7009#section-2.2.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Ory fosite contains Improper Handling of Exceptional Conditions "
}
GHSA-7Q3M-CM45-5QQ5
Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2024-04-04 05:31A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure™ Control Expert (All Versions), EcoStruxure™ Process Expert (Version V2020 & prior), Modicon M340 CPU (part numbers BMXP34) (All Versions), Modicon M580 CPU (part numbers BMEP and BMEH) (All Versions), Modicon M580 CPU Safety (part numbers BMEP58S and BMEH58S) (All Versions), Modicon Momentum Unity M1E Processor (171CBU) (All Versions), Modicon MC80 (BMKC80) (All Versions), Legacy Modicon Quantum (140CPU65) and Premium CPUs (TSXP57) (All Versions)
{
"affected": [],
"aliases": [
"CVE-2022-45788"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-30T13:15:00Z",
"severity": "CRITICAL"
},
"details": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality \u0026 integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure\u2122 Control Expert (All Versions), EcoStruxure\u2122 Process Expert (Version V2020 \u0026 prior), Modicon M340 CPU (part numbers BMXP34*) (All Versions), Modicon M580 CPU (part numbers BMEP* and BMEH*) (All Versions), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum Unity M1E Processor (171CBU*) (All Versions), Modicon MC80 (BMKC80) (All Versions), Legacy Modicon Quantum (140CPU65*) and Premium CPUs (TSXP57*) (All Versions)",
"id": "GHSA-7q3m-cm45-5qq5",
"modified": "2024-04-04T05:31:55Z",
"published": "2023-07-06T19:24:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45788"
},
{
"type": "WEB",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7R3R-GQ8P-V9JJ
Vulnerability from github – Published: 2022-06-23 17:48 – Updated: 2022-07-07 17:15Impact
All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule @keyframes.
This package is depended on by react-letter, therefore everyone using react-letter is also at risk.
Patches
The problem has been patched in version 1.0.2.
Workarounds
There is no workaround besides upgrading.
References
The issue was originally reported in the react-letter repository: https://github.com/mat-sz/react-letter/issues/17
For more information
If you have any questions or comments about this advisory: * Open an issue in lettersanitizer * Email me at contact@matsz.dev
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "lettersanitizer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-31103"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": true,
"github_reviewed_at": "2022-06-23T17:48:19Z",
"nvd_published_at": "2022-06-27T23:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nAll versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`.\n\nThis package is depended on by [react-letter](https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk.\n\n### Patches\n\nThe problem has been patched in version 1.0.2.\n\n### Workarounds\n\nThere is no workaround besides upgrading.\n\n### References\n\nThe issue was originally reported in the react-letter repository: https://github.com/mat-sz/react-letter/issues/17\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [lettersanitizer](https://github.com/mat-sz/lettersanitizer/issues)\n* Email me at [contact@matsz.dev](mailto:contact@matsz.dev)\n",
"id": "GHSA-7r3r-gq8p-v9jj",
"modified": "2022-07-07T17:15:28Z",
"published": "2022-06-23T17:48:19Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/mat-sz/lettersanitizer/security/advisories/GHSA-7r3r-gq8p-v9jj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31103"
},
{
"type": "WEB",
"url": "https://github.com/mat-sz/react-letter/issues/17"
},
{
"type": "WEB",
"url": "https://github.com/mat-sz/lettersanitizer/commit/96d3dfe2ef0465d47324ed4d13e91ba0816a173f"
},
{
"type": "PACKAGE",
"url": "https://github.com/mat-sz/lettersanitizer"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper handling of CSS at-rules in lettersanitizer"
}
GHSA-7R87-CJ48-WJ45
Vulnerability from github – Published: 2022-04-26 21:19 – Updated: 2024-09-20 21:03Impact
flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session.
The captcha.validate() function would return None if passed no value (e.g. by submitting a request with an empty form).
If implementing users were checking the return value to be False, the captcha verification check could be bypassed.
Sample vulnerable code:
if captcha.validate() == False:
... # abort
else:
... # do stuff
Patches
A new version (1.2.1) is available that fixes the issue.
Workarounds
Users can workaround the issue by not explicitly checking that the value is False.
Checking the return value less explicitly should still work.
if not captcha.validate():
... # abort
else:
... # do stuff
if captcha.validate():
... # do stuff
else:
... # abort
References
https://github.com/Tethik/flask-session-captcha/pull/27
For more information
If you have any questions or comments about this advisory: * Open an issue in the github repo
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "flask-session-captcha"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-24880"
],
"database_specific": {
"cwe_ids": [
"CWE-253",
"CWE-394",
"CWE-754"
],
"github_reviewed": true,
"github_reviewed_at": "2022-04-26T21:19:52Z",
"nvd_published_at": "2022-04-25T22:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nflask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session.\n\nThe `captcha.validate()` function would return `None` if passed no value (e.g. by submitting a request with an empty form).\n\nIf implementing users were checking the return value to be **False**, the captcha verification check could be bypassed.\n\nSample vulnerable code:\n```python\nif captcha.validate() == False:\n ... # abort\nelse:\n ... # do stuff\n```\n\n### Patches\nA new version (1.2.1) is available that fixes the issue.\n\n### Workarounds\nUsers can workaround the issue by not explicitly checking that the value is False. \n\nChecking the return value less explicitly should still work. \n\n```python\nif not captcha.validate():\n ... # abort\nelse:\n ... # do stuff\n```\n\n```python\nif captcha.validate():\n ... # do stuff\nelse:\n ... # abort\n```\n\n### References\nhttps://github.com/Tethik/flask-session-captcha/pull/27\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [the github repo](https://github.com/Tethik/flask-session-captcha)\n",
"id": "GHSA-7r87-cj48-wj45",
"modified": "2024-09-20T21:03:06Z",
"published": "2022-04-26T21:19:52Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24880"
},
{
"type": "WEB",
"url": "https://github.com/Tethik/flask-session-captcha/pull/27"
},
{
"type": "WEB",
"url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
},
{
"type": "PACKAGE",
"url": "https://github.com/Tethik/flask-session-captcha"
},
{
"type": "WEB",
"url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/flask-session-captcha/PYSEC-2022-193.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Potential Captcha Validate Bypass in flask-session-captcha"
}
GHSA-7RGP-4J56-FM79
Vulnerability from github – Published: 2025-01-09 09:31 – Updated: 2025-01-09 18:15Mattermost versions 10.x <= 10.2 fail to accurately reflect missing settings, which allows confusion for admins regarding a Calls security-sensitive configuration via incorrect UI reporting.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/mattermost/mattermost/server/v8"
},
"ranges": [
{
"events": [
{
"introduced": "10.0"
},
{
"fixed": "10.3.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/mattermost/mattermost/server/v8"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.0-20250102081831-64c566a8280b"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-22445"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": true,
"github_reviewed_at": "2025-01-09T18:15:37Z",
"nvd_published_at": "2025-01-09T07:15:28Z",
"severity": "LOW"
},
"details": "Mattermost versions 10.x \u003c= 10.2 fail to accurately reflect missing settings, which allows confusion for admins regarding a Calls security-sensitive configuration via incorrect UI reporting.",
"id": "GHSA-7rgp-4j56-fm79",
"modified": "2025-01-09T18:15:37Z",
"published": "2025-01-09T09:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22445"
},
{
"type": "PACKAGE",
"url": "https://github.com/mattermost/mattermost"
},
{
"type": "WEB",
"url": "https://mattermost.com/security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Mattermost has Improper Check for Unusual or Exceptional Conditions"
}
GHSA-7RGX-RGRV-F76W
Vulnerability from github – Published: 2024-10-16 00:30 – Updated: 2024-10-16 00:30IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of service.
{
"affected": [],
"aliases": [
"CVE-2024-45085"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-15T22:15:03Z",
"severity": "MODERATE"
},
"details": "IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of service.",
"id": "GHSA-7rgx-rgrv-f76w",
"modified": "2024-10-16T00:30:58Z",
"published": "2024-10-16T00:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45085"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7173128"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-3
Strategy: Language Selection
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- Choose languages with features such as exception handling that force the programmer to anticipate unusual conditions that may generate exceptions. Custom exceptions may need to be developed to handle unusual business-logic conditions. Be careful not to pass sensitive exceptions back to the user (CWE-209, CWE-248).
Mitigation
Check the results of all functions that return a value and verify that the value is expected.
Mitigation
If using exception handling, catch and throw specific exceptions instead of overly-general exceptions (CWE-396, CWE-397). Catch and handle exceptions as locally as possible so that exceptions do not propagate too far up the call stack (CWE-705). Avoid unchecked or uncaught exceptions where feasible (CWE-248).
Mitigation MIT-39
- Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
- If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
- Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
- Exposing additional information to a potential attacker in the context of an exceptional condition can help the attacker determine what attack vectors are most likely to succeed beyond DoS.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-38
If the program must fail, ensure that it fails gracefully (fails closed). There may be a temptation to simply let the program fail poorly in cases such as low memory conditions, but an attacker may be able to assert control before the software has fully exited. Alternately, an uncontrolled failure could cause cascading problems with other downstream components; for example, the program could send a signal to a downstream process so the process immediately knows that a problem has occurred and has a better chance of recovery.
Mitigation
Use system limits, which should help to prevent resource exhaustion. However, the product should still handle low resource conditions since they may still occur.
No CAPEC attack patterns related to this CWE.