Common Weakness Enumeration

CWE-835

Allowed

Loop with Unreachable Exit Condition ('Infinite Loop')

Abstraction: Base · Status: Incomplete

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

1052 vulnerabilities reference this CWE, most recent first.

GHSA-83GH-Q9XF-W4XR

Vulnerability from github – Published: 2025-01-31 12:33 – Updated: 2025-11-03 21:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

filemap: avoid truncating 64-bit offset to 32 bits

On 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a 64-bit value to 32 bits, leading to a possible infinite loop when writing to an xfs filesystem.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21665"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-31T12:15:27Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: avoid truncating 64-bit offset to 32 bits\n\nOn 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a\n64-bit value to 32 bits, leading to a possible infinite loop when writing\nto an xfs filesystem.",
  "id": "GHSA-83gh-q9xf-w4xr",
  "modified": "2025-11-03T21:32:30Z",
  "published": "2025-01-31T12:33:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21665"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/09528bb1a4123e2a234eac2bc45a0e51e78dab43"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/280f1fb89afc01e7376f59ae611d54ca69e9f967"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/64e5fd96330df2ad278d1c4edcca581f26e5f76e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/80fc836f3ebe2f2d2d2c80c698b7667974285a04"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f505e6c91e7a22d10316665a86d79f84d9f0ba76"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-84GJ-C6VV-GH4Q

Vulnerability from github – Published: 2022-05-13 01:16 – Updated: 2022-05-13 01:16
VLAI
Details

The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-8558"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-05-23T19:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.",
  "id": "GHSA-84gj-c6vv-gh4q",
  "modified": "2022-05-13T01:16:26Z",
  "published": "2022-05-13T01:16:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8558"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277983"
    },
    {
      "type": "WEB",
      "url": "https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02124.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201602-01"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=156a2e4dbffa85997636a7a39ef12da6f1b40254"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=156a2e4dbffa85997636a7a39ef12da6f1b40254"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2016/dsa-3469"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2016/dsa-3470"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2016/dsa-3471"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/12/14/16"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/12/14/9"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/80694"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8549-4C5J-X7G2

Vulnerability from github – Published: 2024-01-12 15:30 – Updated: 2025-11-03 21:30
VLAI
Details

When calling bson_utf8_validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects All MongoDB C Driver versions prior to versions 1.25.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0437"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-12T14:15:47Z",
    "severity": "MODERATE"
  },
  "details": "When calling bson_utf8_validate\u00a0on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects All MongoDB C Driver versions prior to versions 1.25.0.",
  "id": "GHSA-8549-4c5j-x7g2",
  "modified": "2025-11-03T21:30:59Z",
  "published": "2024-01-12T15:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0437"
    },
    {
      "type": "WEB",
      "url": "https://jira.mongodb.org/browse/CDRIVER-4747"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00027.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GUVOAFZFSYTNBF6R7H4XJM5DHWBRQ6P"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-857C-G6R6-MJ7P

Vulnerability from github – Published: 2025-08-14 18:31 – Updated: 2025-08-14 21:31
VLAI
Details

An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12 allowing attackers to reach an infinite loop via a crafted length value for a packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-51986"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-14T18:15:30Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12 allowing attackers to reach an infinite loop via a crafted length value for a packet.",
  "id": "GHSA-857c-g6r6-mj7p",
  "modified": "2025-08-14T21:31:57Z",
  "published": "2025-08-14T18:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-51986"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/jyjsunny/a9743a718ed3081b034c11201803f6b4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-85G2-5CQR-RM5C

Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44
VLAI
Details

The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-18208"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-01T05:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.",
  "id": "GHSA-85g2-5cqr-rm5c",
  "modified": "2022-05-13T01:44:36Z",
  "published": "2022-05-13T01:44:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18208"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2948"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:3083"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:3096"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3967"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:4057"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:4058"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3619-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3619-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3653-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3653-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3655-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3655-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3657-1"
    },
    {
      "type": "WEB",
      "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-85R2-3V9J-HFRQ

Vulnerability from github – Published: 2022-05-24 17:41 – Updated: 2022-05-24 17:41
VLAI
Details

picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop) via a crafted QUIC frame, related to the picoquic_decode_frames and picoquic_decode_stream_frame functions and epoch==3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-24944"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-08T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop) via a crafted QUIC frame, related to the picoquic_decode_frames and picoquic_decode_stream_frame functions and epoch==3.",
  "id": "GHSA-85r2-3v9j-hfrq",
  "modified": "2022-05-24T17:41:16Z",
  "published": "2022-05-24T17:41:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24944"
    },
    {
      "type": "WEB",
      "url": "https://github.com/private-octopus/picoquic/issues/969"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-86FX-VW86-G82J

Vulnerability from github – Published: 2022-05-24 17:39 – Updated: 2022-05-24 17:39
VLAI
Details

In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic. The traffic loop will cause interface traffic to increase abnormally, ultimately leading to a Denial of Service (DoS) in packet processing. The following command could be used to monitor the interface traffic: user@junos> monitor interface traffic Interface Link Input packets (pps) Output packets (pps) et-0/0/1 Up 6492089274364 (70994959) 6492089235319 (70994956) et-0/0/25 Up 343458103 (1) 156844 (0) ae0 Up 9132519197257 (70994959) 9132519139454 (70994956) This issue affects Juniper Networks Junos OS on QFX Series: all versions prior to 17.3R3-S10; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S5, 18.4R3-S5; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S3; 19.2 versions prior to 19.2R1-S5, 19.2R3-S1; 19.3 versions prior to 19.3R2-S5, 19.3R3; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S2, 20.2R2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-0221"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-15T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic. The traffic loop will cause interface traffic to increase abnormally, ultimately leading to a Denial of Service (DoS) in packet processing. The following command could be used to monitor the interface traffic: user@junos\u003e monitor interface traffic Interface Link Input packets (pps) Output packets (pps) et-0/0/1 Up 6492089274364 (70994959) 6492089235319 (70994956) et-0/0/25 Up 343458103 (1) 156844 (0) ae0 Up 9132519197257 (70994959) 9132519139454 (70994956) This issue affects Juniper Networks Junos OS on QFX Series: all versions prior to 17.3R3-S10; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S5, 18.4R3-S5; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S3; 19.2 versions prior to 19.2R1-S5, 19.2R3-S1; 19.3 versions prior to 19.3R2-S5, 19.3R3; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S2, 20.2R2.",
  "id": "GHSA-86fx-vw86-g82j",
  "modified": "2022-05-24T17:39:21Z",
  "published": "2022-05-24T17:39:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0221"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA11111"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-87F4-45WV-QPRF

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:36
VLAI
Details

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-7702"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-12T23:59:00Z",
    "severity": "HIGH"
  },
  "details": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.",
  "id": "GHSA-87f4-45wv-qprf",
  "modified": "2025-04-20T03:36:01Z",
  "published": "2022-05-13T01:47:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7702"
    },
    {
      "type": "WEB",
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13477"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2f322f66cbcca2fefdaa630494f9d6c97eb659b7"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2f322f66cbcca2fefdaa630494f9d6c97eb659b7"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201706-12"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2017-13.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97633"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038262"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-87MJ-5GGW-8QC3

Vulnerability from github – Published: 2026-03-25 20:05 – Updated: 2026-03-27 21:36
VLAI
Summary
pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream
Details

Impact

An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode.

Patches

This has been fixed in pypdf==6.9.2.

Workarounds

If users cannot upgrade yet, consider applying the changes from PR #3693.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pypdf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.9.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-33699"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-25T20:05:22Z",
    "nvd_published_at": "2026-03-27T01:16:19Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nAn attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode.\n\n### Patches\n\nThis has been fixed in [pypdf==6.9.2](https://github.com/py-pdf/pypdf/releases/tag/6.9.2).\n\n### Workarounds\n\nIf users cannot upgrade yet, consider applying the changes from PR [#3693](https://github.com/py-pdf/pypdf/pull/3693).",
  "id": "GHSA-87mj-5ggw-8qc3",
  "modified": "2026-03-27T21:36:43Z",
  "published": "2026-03-25T20:05:22Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-87mj-5ggw-8qc3"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33699"
    },
    {
      "type": "WEB",
      "url": "https://github.com/py-pdf/pypdf/pull/3693"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/py-pdf/pypdf"
    },
    {
      "type": "WEB",
      "url": "https://github.com/py-pdf/pypdf/releases/tag/6.9.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream"
}

GHSA-88PH-HFRW-CHFM

Vulnerability from github – Published: 2024-04-30 00:30 – Updated: 2024-07-03 18:37
VLAI
Details

Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows infinite repetition of the processing of an error (in the Subscribe function implementation for the subscribed indication stream).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-52726"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-30T00:15:07Z",
    "severity": "MODERATE"
  },
  "details": "Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows infinite repetition of the processing of an error (in the Subscribe function implementation for the subscribed indication stream).",
  "id": "GHSA-88ph-hfrw-chfm",
  "modified": "2024-07-03T18:37:35Z",
  "published": "2024-04-30T00:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52726"
    },
    {
      "type": "WEB",
      "url": "https://github.com/onosproject/onos-ric-sdk-go/issues/133"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.