CWE-755
DiscouragedImproper Handling of Exceptional Conditions
Abstraction: Class · Status: Incomplete
The product does not handle or incorrectly handles an exceptional condition.
685 vulnerabilities reference this CWE, most recent first.
GHSA-HJCV-9VHV-RJQ5
Vulnerability from github – Published: 2022-05-24 19:08 – Updated: 2022-05-24 19:08NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can lead to floating point exceptions, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
{
"affected": [],
"aliases": [
"CVE-2021-1102"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-21T03:15:00Z",
"severity": "MODERATE"
},
"details": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can lead to floating point exceptions, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).",
"id": "GHSA-hjcv-9vhv-rjq5",
"modified": "2022-05-24T19:08:51Z",
"published": "2022-05-24T19:08:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1102"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-HJRW-GMWJ-XC9C
Vulnerability from github – Published: 2026-05-27 06:31 – Updated: 2026-05-29 18:31IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID.
When decode_ux() in bin/zipdetails handles an Info-ZIP Unix Extra Field (tag 0x7875) with UID Size or GID Size set to 8, causing zipdetails to decode an 8-byte UID or GID value, it dispatches through decodeLitteEndian(), which calls a misnamed helper unpackValueQ. The actual function defined in the same file is unpackValue_Q (with underscore); the call raises 'Undefined subroutine &main::unpackValueQ' and the script exits with status 255.
Library callers of IO::Compress and IO::Uncompress are not affected; the defect is in the bundled CLI tool.
{
"affected": [],
"aliases": [
"CVE-2026-48961"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-27T04:16:31Z",
"severity": "HIGH"
},
"details": "IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID.\n\nWhen decode_ux() in bin/zipdetails handles an Info-ZIP Unix Extra Field (tag 0x7875) with UID Size or GID Size set to 8, causing zipdetails to decode an 8-byte UID or GID value, it dispatches through decodeLitteEndian(), which calls a misnamed helper unpackValueQ. The actual function defined in the same file is unpackValue_Q (with underscore); the call raises \u0027Undefined subroutine \u0026main::unpackValueQ\u0027 and the script exits with status 255.\n\nLibrary callers of IO::Compress and IO::Uncompress are not affected; the defect is in the bundled CLI tool.",
"id": "GHSA-hjrw-gmwj-xc9c",
"modified": "2026-05-29T18:31:16Z",
"published": "2026-05-27T06:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48961"
},
{
"type": "WEB",
"url": "https://github.com/pmqs/IO-Compress/commit/33c89d03d6e746ed2ead4f2f6570d47864c61bc7.patch"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/PMQS/IO-Compress-2.220/changes"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/05/27/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-HMGW-9JRG-HF2M
Vulnerability from github – Published: 2023-10-19 20:02 – Updated: 2023-10-19 20:02Summary
It seems that any Directus installation that has websockets enabled can be crashed if the websocket server receives an invalid frame. This could probably be posted as an issue and I might even be able to put together a pull request for a fix (if only I had some extra time...), but I decided to instead post as a vulnerability just for the maintainers, since this seemingly can be used to crash any live Directus server if websockets are enabled, so public disclosure is not a good idea until the issue is fixed.
Details
The fix for this seems quite simple; the websocket server just needs to properly catch the error instead of crashing the server. See for example: https://github.com/websockets/ws/issues/2098
PoC
- Start a fresh Directus server (using for example the compose file here: https://docs.directus.io/self-hosted/docker-guide.html). Enable websockets by setting
WEBSOCKETS_ENABLED: 'true'environment variable. - run a separate node app somewhere else to send an invalid frame to the server:
const WebSocket = require("ws");
const websocket = new WebSocket("ws://0.0.0.0:8055/websocket");
websocket.on("open", function () {
const chunk = Buffer.from("a180", "hex");
websocket._socket.write(chunk);
});
Impact
The server crashes with an error: RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be clear. Server needs to be manually restarted to get back online (if there's no recovery mechanism in place, as there often isn't with simple node servers). This was confirmed on a local server, and additionally I was able to crash our staging server with the same code, just pointing to our staging Directus server running at fly.io. It seems to also crash servers running in the directus.cloud service. I created https://websocket-test.directus.app/, pointed the above script to the websocket url of that instance and the server does crash for a while. It seems that in there there's a mechanism for bringing the server back up quite fast, but it would be quite trivial for anyone to DoS any server running in directus.cloud by just spamming these invalid frames to the server.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "directus"
},
"ranges": [
{
"events": [
{
"introduced": "10.4.0"
},
{
"fixed": "10.6.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-45820"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": true,
"github_reviewed_at": "2023-10-19T20:02:04Z",
"nvd_published_at": "2023-10-19T19:15:15Z",
"severity": "HIGH"
},
"details": "### Summary\nIt seems that any Directus installation that has websockets enabled can be crashed if the websocket server receives an invalid frame. This could probably be posted as an issue and I might even be able to put together a pull request for a fix (if only I had some extra time...), but I decided to instead post as a vulnerability just for the maintainers, since this seemingly can be used to crash any live Directus server if websockets are enabled, so public disclosure is not a good idea until the issue is fixed.\n\n### Details\nThe fix for this seems quite simple; the websocket server just needs to properly catch the error instead of crashing the server. See for example: https://github.com/websockets/ws/issues/2098\n\n### PoC\n- Start a fresh Directus server (using for example the compose file here: https://docs.directus.io/self-hosted/docker-guide.html). Enable websockets by setting `WEBSOCKETS_ENABLED: \u0027true\u0027` environment variable.\n- run a separate node app somewhere else to send an invalid frame to the server:\n\n```\nconst WebSocket = require(\"ws\");\nconst websocket = new WebSocket(\"ws://0.0.0.0:8055/websocket\");\nwebsocket.on(\"open\", function () {\n const chunk = Buffer.from(\"a180\", \"hex\");\n websocket._socket.write(chunk);\n});\n```\n\n### Impact\nThe server crashes with an error: `RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be clear`. Server needs to be manually restarted to get back online (if there\u0027s no recovery mechanism in place, as there often isn\u0027t with simple node servers). This was confirmed on a local server, and additionally I was able to crash our staging server with the same code, just pointing to our staging Directus server running at fly.io. It seems to also crash servers running in the [directus.cloud](https://directus.cloud) service. I created https://websocket-test.directus.app/, pointed the above script to the websocket url of that instance and the server does crash for a while. It seems that in there there\u0027s a mechanism for bringing the server back up quite fast, but it would be quite trivial for anyone to DoS any server running in directus.cloud by just spamming these invalid frames to the server. ",
"id": "GHSA-hmgw-9jrg-hf2m",
"modified": "2023-10-19T20:02:04Z",
"published": "2023-10-19T20:02:04Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/directus/directus/security/advisories/GHSA-hmgw-9jrg-hf2m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45820"
},
{
"type": "WEB",
"url": "https://github.com/directus/directus/commit/243eed781b42d6b4948ddb8c3792bcf5b44f55bb"
},
{
"type": "PACKAGE",
"url": "https://github.com/directus/directus"
},
{
"type": "WEB",
"url": "https://github.com/directus/directus/releases/tag/v10.6.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Directus crashes on invalid WebSocket message"
}
GHSA-HP5X-RQF7-43VF
Vulnerability from github – Published: 2022-02-10 20:24 – Updated: 2022-09-21 19:22Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a URISyntaxException that causes the connection to be closed prematurely instead of producing a 400 response.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.9.4"
},
"package": {
"ecosystem": "Maven",
"name": "io.projectreactor.netty:reactor-netty-http"
},
"ranges": [
{
"events": [
{
"introduced": "0.9.3"
},
{
"fixed": "0.9.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-5403"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-755"
],
"github_reviewed": true,
"github_reviewed_at": "2021-04-22T20:27:06Z",
"nvd_published_at": "2020-03-03T19:15:00Z",
"severity": "HIGH"
},
"details": "Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a URISyntaxException that causes the connection to be closed prematurely instead of producing a 400 response.",
"id": "GHSA-hp5x-rqf7-43vf",
"modified": "2022-09-21T19:22:58Z",
"published": "2022-02-10T20:24:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5403"
},
{
"type": "WEB",
"url": "https://pivotal.io/security/cve-2020-5403"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Handling of Exceptional Conditions and Improper Input Validation in Reactor Netty"
}
GHSA-HQ3G-Q9W3-58PC
Vulnerability from github – Published: 2022-12-07 00:30 – Updated: 2022-12-08 21:30Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.
{
"affected": [],
"aliases": [
"CVE-2022-44030"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-06T23:15:00Z",
"severity": "HIGH"
},
"details": "Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.",
"id": "GHSA-hq3g-q9w3-58pc",
"modified": "2022-12-08T21:30:20Z",
"published": "2022-12-07T00:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44030"
},
{
"type": "WEB",
"url": "https://www.redmine.org/news/139"
},
{
"type": "WEB",
"url": "https://www.redmine.org/projects/redmine/wiki/Security_Advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HV3J-PF66-34PJ
Vulnerability from github – Published: 2023-01-13 00:30 – Updated: 2023-01-24 21:30A vulnerability in class-of-service (CoS) queue management in Juniper Networks Junos OS on the ACX2K Series devices allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Specific packets are being incorrectly routed to a queue used for other high-priority traffic such as BGP, PIM, ICMP, ICMPV6 ND and ISAKMP. Due to this misclassification of traffic, receipt of a high rate of these specific packets will cause delays in the processing of other traffic, leading to a Denial of Service (DoS). Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on ACX2K Series: All versions prior to 19.4R3-S9; All 20.2 versions; 20.3 versions prior to 20.3R3-S6 on ACX2K Series; 20.4 versions prior to 20.4R3-S4 on ACX2K Series; All 21.1 versions; 21.2 versions prior to 21.2R3-S3 on ACX2K Series. Note: This issues affects legacy ACX2K Series PPC-based devices. This platform reached Last Supported Version (LSV) as of the Junos OS 21.2 Release.
{
"affected": [],
"aliases": [
"CVE-2023-22391"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-13T00:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in class-of-service (CoS) queue management in Juniper Networks Junos OS on the ACX2K Series devices allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Specific packets are being incorrectly routed to a queue used for other high-priority traffic such as BGP, PIM, ICMP, ICMPV6 ND and ISAKMP. Due to this misclassification of traffic, receipt of a high rate of these specific packets will cause delays in the processing of other traffic, leading to a Denial of Service (DoS). Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on ACX2K Series: All versions prior to 19.4R3-S9; All 20.2 versions; 20.3 versions prior to 20.3R3-S6 on ACX2K Series; 20.4 versions prior to 20.4R3-S4 on ACX2K Series; All 21.1 versions; 21.2 versions prior to 21.2R3-S3 on ACX2K Series. Note: This issues affects legacy ACX2K Series PPC-based devices. This platform reached Last Supported Version (LSV) as of the Junos OS 21.2 Release.",
"id": "GHSA-hv3j-pf66-34pj",
"modified": "2023-01-24T21:30:37Z",
"published": "2023-01-13T00:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22391"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA70187"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWCG-4M94-F242
Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2022-05-24 16:46A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus.
{
"affected": [],
"aliases": [
"CVE-2018-7849"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-22T20:29:00Z",
"severity": "HIGH"
},
"details": "A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus.",
"id": "GHSA-hwcg-4m94-f242",
"modified": "2022-05-24T16:46:13Z",
"published": "2022-05-24T16:46:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7849"
},
{
"type": "WEB",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0737"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-HWR9-P63P-WQ87
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.
{
"affected": [],
"aliases": [
"CVE-2017-7518"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-30T15:29:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.",
"id": "GHSA-hwr9-p63p-wq87",
"modified": "2022-05-13T01:36:19Z",
"published": "2022-05-13T01:36:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7518"
},
{
"type": "WEB",
"url": "https://access.redhat.com/articles/3290921"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0395"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0412"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3619-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3619-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3754-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-3981"
},
{
"type": "WEB",
"url": "https://www.spinics.net/lists/kvm/msg151817.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/06/23/5"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99263"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038782"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWX5-R3GC-QG42
Vulnerability from github – Published: 2022-06-08 00:00 – Updated: 2022-06-12 00:00Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 allows untrusted applications to access toast message information from device.
{
"affected": [],
"aliases": [
"CVE-2022-30716"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-07T18:15:00Z",
"severity": "MODERATE"
},
"details": "Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 allows untrusted applications to access toast message information from device.",
"id": "GHSA-hwx5-r3gc-qg42",
"modified": "2022-06-12T00:00:47Z",
"published": "2022-06-08T00:00:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30716"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HX28-VM67-XH3R
Vulnerability from github – Published: 2023-12-03 00:30 – Updated: 2023-12-08 18:30In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.
{
"affected": [],
"aliases": [
"CVE-2023-47100"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-02T23:15:07Z",
"severity": "CRITICAL"
},
"details": "In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \\p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.",
"id": "GHSA-hx28-vm67-xh3r",
"modified": "2023-12-08T18:30:37Z",
"published": "2023-12-03T00:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47100"
},
{
"type": "WEB",
"url": "https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010"
},
{
"type": "WEB",
"url": "https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6"
},
{
"type": "WEB",
"url": "https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.