Common Weakness Enumeration

CWE-76

Allowed

Improper Neutralization of Equivalent Special Elements

Abstraction: Base · Status: Draft

The product correctly neutralizes certain special elements, but it improperly neutralizes equivalent special elements.

22 vulnerabilities reference this CWE, most recent first.

GHSA-H5WQ-XQ9G-PPPC

Vulnerability from github – Published: 2023-03-02 06:30 – Updated: 2023-03-10 18:30
VLAI
Details

Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-1149"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-76"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-02T05:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0.",
  "id": "GHSA-h5wq-xq9g-pppc",
  "modified": "2023-03-10T18:30:19Z",
  "published": "2023-03-02T06:30:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1149"
    },
    {
      "type": "WEB",
      "url": "https://github.com/btcpayserver/btcpayserver/commit/ddb125f45892b4dafdbd5c072af1ce623758bb92"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/2e734209-d7b0-4f57-a8be-c65c82208f2f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WXXQ-MWHH-CVM2

Vulnerability from github – Published: 2026-07-15 15:33 – Updated: 2026-07-15 15:33
VLAI
Details

When NGINX Ingress Controller is configured with Custom Resource Definitions (CRDs) or Ingress annotations, an injection vulnerability exists in the configuration generator of NGINX Ingress Controller. Multiple user-controllable fields are written into the generated NGINX configuration without sanitization. An authenticated attacker with permission to create or modify these CRDs or annotations may craft values that inject arbitrary NGINX configuration directives.

Impact: An authenticated attacker granted write access to NGINX Ingress Controller CRDs or Ingress annotations through the Kubernetes API may be able to inject arbitrary NGINX configuration directives, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-55723"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-76"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-15T15:16:45Z",
    "severity": "HIGH"
  },
  "details": "When NGINX Ingress Controller is configured with Custom Resource Definitions (CRDs) or Ingress annotations, an injection vulnerability exists in the configuration generator of NGINX Ingress Controller. Multiple user-controllable fields are written into the generated NGINX configuration without sanitization. An authenticated attacker with permission to create or modify these CRDs or annotations may craft values that inject arbitrary NGINX configuration directives. \n\nImpact:\nAn authenticated attacker granted write access to NGINX Ingress Controller CRDs or Ingress annotations through the Kubernetes API may be able to inject arbitrary NGINX configuration directives, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
  "id": "GHSA-wxxq-mwhh-cvm2",
  "modified": "2026-07-15T15:33:07Z",
  "published": "2026-07-15T15:33:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-55723"
    },
    {
      "type": "WEB",
      "url": "https://my.f5.com/manage/s/article/K000161800"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation
Requirements

Programming languages and supporting technologies might be chosen which are not subject to these issues.

Mitigation
Implementation

Utilize an appropriate mix of allowlist and denylist parsing to filter equivalent special element syntax from all input.

No CAPEC attack patterns related to this CWE.