CWE-824
AllowedAccess of Uninitialized Pointer
Abstraction: Base · Status: Incomplete
The product accesses or uses a pointer that has not been initialized.
451 vulnerabilities reference this CWE, most recent first.
GHSA-F4FH-29CP-VMCG
Vulnerability from github – Published: 2022-05-01 18:25 – Updated: 2022-05-01 18:25EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that occur before a call to pldbg_create_listener, which allows remote authenticated users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a SELECT statement that invokes a pldbg_ function, as demonstrated by (1) pldbg_get_stack and (2) pldbg_abort_target, which triggers use of an uninitialized pointer.
{
"affected": [],
"aliases": [
"CVE-2007-4639"
],
"database_specific": {
"cwe_ids": [
"CWE-824",
"CWE-94"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2007-08-31T23:17:00Z",
"severity": "MODERATE"
},
"details": "EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that occur before a call to pldbg_create_listener, which allows remote authenticated users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a SELECT statement that invokes a pldbg_ function, as demonstrated by (1) pldbg_get_stack and (2) pldbg_abort_target, which triggers use of an uninitialized pointer.",
"id": "GHSA-f4fh-29cp-vmcg",
"modified": "2022-05-01T18:25:38Z",
"published": "2022-05-01T18:25:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4639"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36328"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/26640"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/478057/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/25481"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2007/3040"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-F4MR-H274-9W8H
Vulnerability from github – Published: 2023-09-20 18:30 – Updated: 2025-06-28 00:31Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
{
"affected": [],
"aliases": [
"CVE-2023-20594"
],
"database_specific": {
"cwe_ids": [
"CWE-665",
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-20T18:15:12Z",
"severity": "MODERATE"
},
"details": "Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.",
"id": "GHSA-f4mr-h274-9w8h",
"modified": "2025-06-28T00:31:10Z",
"published": "2023-09-20T18:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20594"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4007"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-F4WX-342H-RXVC
Vulnerability from github – Published: 2022-05-13 01:01 – Updated: 2022-05-13 01:01An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause an uninitialized pointer representing a TTableRow to be assigned to a variable on the stack. This variable is later dereferenced and then written to allow for controlled heap corruption, which can lead to code execution under the context of the application. An attacker must convince a victim to open a document in order to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2018-4001"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-10-01T20:29:00Z",
"severity": "HIGH"
},
"details": "An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause an uninitialized pointer representing a TTableRow to be assigned to a variable on the stack. This variable is later dereferenced and then written to allow for controlled heap corruption, which can lead to code execution under the context of the application. An attacker must convince a victim to open a document in order to trigger this vulnerability.",
"id": "GHSA-f4wx-342h-rxvc",
"modified": "2022-05-13T01:01:46Z",
"published": "2022-05-13T01:01:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4001"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0669"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F5CX-5WR3-5QRC
Vulnerability from github – Published: 2021-08-25 14:42 – Updated: 2024-11-13 20:55Impact
An attacker can generate undefined behavior via a reference binding to nullptr in BoostedTreesCalculateBestGainsPerFeature:
import tensorflow as tf
tf.raw_ops.BoostedTreesCalculateBestGainsPerFeature(
node_id_range=[],
stats_summary_list=[[1,2,3]],
l1=[1.0],
l2=[1.0],
tree_complexity =[1.0],
min_node_weight =[1.17],
max_splits=5)
A similar attack can occur in BoostedTreesCalculateBestFeatureSplitV2:
import tensorflow as tf
tf.raw_ops.BoostedTreesCalculateBestFeatureSplitV2(
node_id_range=[],
stats_summaries_list=[[1,2,3]],
split_types=[''],
candidate_feature_ids=[1,2,3,4],
l1=[1],
l2=[1],
tree_complexity=[1.0],
min_node_weight=[1.17],
logits_dimension=5)
The implementation does not validate the input values.
Patches
We have patched the issue in GitHub commit 9c87c32c710d0b5b53dc6fd3bfde4046e1f7a5ad and in commit. 429f009d2b2c09028647dd4bb7b3f6f414bbaad7.
The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
}
],
"aliases": [
"CVE-2021-37662"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-24T13:33:26Z",
"nvd_published_at": "2021-08-12T21:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nAn attacker can generate undefined behavior via a reference binding to nullptr in `BoostedTreesCalculateBestGainsPerFeature`:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.BoostedTreesCalculateBestGainsPerFeature(\n node_id_range=[],\n stats_summary_list=[[1,2,3]],\n l1=[1.0],\n l2=[1.0],\n tree_complexity =[1.0],\n min_node_weight =[1.17],\n max_splits=5)\n```\n\nA similar attack can occur in `BoostedTreesCalculateBestFeatureSplitV2`:\n\n```python\nimport tensorflow as tf\n \ntf.raw_ops.BoostedTreesCalculateBestFeatureSplitV2(\n node_id_range=[],\n stats_summaries_list=[[1,2,3]],\n split_types=[\u0027\u0027],\n candidate_feature_ids=[1,2,3,4],\n l1=[1], \n l2=[1],\n tree_complexity=[1.0],\n min_node_weight=[1.17],\n logits_dimension=5)\n``` \n \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/stats_ops.cc) does not validate the input values.\n\n### Patches\nWe have patched the issue in GitHub commit [9c87c32c710d0b5b53dc6fd3bfde4046e1f7a5ad](https://github.com/tensorflow/tensorflow/commit/9c87c32c710d0b5b53dc6fd3bfde4046e1f7a5ad) and in commit. [429f009d2b2c09028647dd4bb7b3f6f414bbaad7](https://github.com/tensorflow/tensorflow/commit/429f009d2b2c09028647dd4bb7b3f6f414bbaad7).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions. \n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
"id": "GHSA-f5cx-5wr3-5qrc",
"modified": "2024-11-13T20:55:59Z",
"published": "2021-08-25T14:42:26Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f5cx-5wr3-5qrc"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37662"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/429f009d2b2c09028647dd4bb7b3f6f414bbaad7"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/9c87c32c710d0b5b53dc6fd3bfde4046e1f7a5ad"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-575.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-773.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-284.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Reference binding to nullptr in boosted trees"
}
GHSA-F6JG-X7X7-48F4
Vulnerability from github – Published: 2022-05-01 07:35 – Updated: 2022-05-01 07:35The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2006-6143"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2006-12-31T05:00:00Z",
"severity": "HIGH"
},
"details": "The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.",
"id": "GHSA-f6jg-x7x7-48f4",
"modified": "2022-05-01T07:35:12Z",
"published": "2022-05-01T07:35:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6143"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31422"
},
{
"type": "WEB",
"url": "https://issues.rpath.com/browse/RPL-925"
},
{
"type": "WEB",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"type": "WEB",
"url": "http://fedoranews.org/cms/node/2375"
},
{
"type": "WEB",
"url": "http://fedoranews.org/cms/node/2376"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/31281"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23667"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23696"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23701"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23706"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23707"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23772"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23903"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/24966"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200701-21.xml"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1017493"
},
{
"type": "WEB",
"url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/481564"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:008"
},
{
"type": "WEB",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/456406/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/21970"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-408-1"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-009B.html"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2007/0111"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2007/1470"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-F7R6-P65C-88RW
Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-05-24 19:05A CWE-824: Access of uninitialized pointer vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack validation of user-supplied input data, when a malicious CGF file is imported to IGSS Definition.
{
"affected": [],
"aliases": [
"CVE-2021-22758"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-11T16:15:00Z",
"severity": "HIGH"
},
"details": "A CWE-824: Access of uninitialized pointer vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack validation of user-supplied input data, when a malicious CGF file is imported to IGSS Definition.",
"id": "GHSA-f7r6-p65c-88rw",
"modified": "2022-05-24T19:05:04Z",
"published": "2022-05-24T19:05:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22758"
},
{
"type": "WEB",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-FJ3G-R3PF-R284
Vulnerability from github – Published: 2021-12-21 00:00 – Updated: 2021-12-28 00:01Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service.
{
"affected": [],
"aliases": [
"CVE-2021-38409"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-20T21:15:00Z",
"severity": "HIGH"
},
"details": "Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service.",
"id": "GHSA-fj3g-r3pf-r284",
"modified": "2021-12-28T00:01:24Z",
"published": "2021-12-21T00:00:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38409"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-299-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-FQW6-7W7W-627P
Vulnerability from github – Published: 2022-05-14 00:59 – Updated: 2022-05-14 00:59It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
{
"affected": [],
"aliases": [
"CVE-2019-3836"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-01T15:29:00Z",
"severity": "HIGH"
},
"details": "It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.",
"id": "GHSA-fqw6-7w7w-627p",
"modified": "2022-05-14T00:59:50Z",
"published": "2022-05-14T00:59:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3836"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3600"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3836"
},
{
"type": "WEB",
"url": "https://gitlab.com/gnutls/gnutls/issues/704"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A3ETBUFBB4G7AITAOUYPGXVMBGVXKUAN"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201904-14"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190502-0005"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3999-1"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FVQ4-PP8F-5MR7
Vulnerability from github – Published: 2022-05-12 00:00 – Updated: 2022-05-19 00:00Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by the use of a variable that has not been initialized when processing of embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file
{
"affected": [],
"aliases": [
"CVE-2022-27794"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-11T18:15:00Z",
"severity": "HIGH"
},
"details": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by the use of a variable that has not been initialized when processing of embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file",
"id": "GHSA-fvq4-pp8f-5mr7",
"modified": "2022-05-19T00:00:29Z",
"published": "2022-05-12T00:00:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27794"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FXV6-7296-F59V
Vulnerability from github – Published: 2023-06-06 18:30 – Updated: 2024-04-04 04:36The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer.
{
"affected": [],
"aliases": [
"CVE-2023-31244"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-06T17:15:14Z",
"severity": "HIGH"
},
"details": "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nThe affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer. \n\n \n\n \n\n \n\n \n\n\n\n \n\n\n\n\n\n\n\n",
"id": "GHSA-fxv6-7296-f59v",
"modified": "2024-04-04T04:36:19Z",
"published": "2023-06-06T18:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31244"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-04"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.