Common Weakness Enumeration

CWE-913

Allowed-with-Review

Improper Control of Dynamically-Managed Code Resources

Abstraction: Class · Status: Incomplete

The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.

159 vulnerabilities reference this CWE, most recent first.

GHSA-GJ28-GW7W-3PXC

Vulnerability from github – Published: 2026-02-02 18:31 – Updated: 2026-02-02 22:36
VLAI
Summary
Crafter CMS has Improper Control of Dynamically-Managed Code Resources
Details

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE (Remote Code Execution).

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.craftercms:craftercms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.5.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-1770"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-02T22:36:58Z",
    "nvd_published_at": "2026-02-02T17:16:17Z",
    "severity": "MODERATE"
  },
  "details": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE (Remote Code Execution).",
  "id": "GHSA-gj28-gw7w-3pxc",
  "modified": "2026-02-02T22:36:58Z",
  "published": "2026-02-02T18:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1770"
    },
    {
      "type": "WEB",
      "url": "https://docs.craftercms.org/current/security/advisory.html#cv-2026020201"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/craftercms/craftercms"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Crafter CMS has Improper Control of Dynamically-Managed Code Resources"
}

GHSA-GQ3H-3P4J-VFFV

Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2022-05-24 17:34
VLAI
Details

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable Webex site. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Cisco Webex Meetings Server site. A successful exploit requires the attacker to have access to join a Webex meeting, including applicable meeting join links and passwords. The attacker could then exploit this vulnerability to join meetings, without appearing in the participant list, while having full access to audio, video, chat, and screen sharing capabilities.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-3419"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-18T19:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable Webex site. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Cisco Webex Meetings Server site. A successful exploit requires the attacker to have access to join a Webex meeting, including applicable meeting join links and passwords. The attacker could then exploit this vulnerability to join meetings, without appearing in the participant list, while having full access to audio, video, chat, and screen sharing capabilities.",
  "id": "GHSA-gq3h-3p4j-vffv",
  "modified": "2022-05-24T17:34:34Z",
  "published": "2022-05-24T17:34:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3419"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-auth-token-3vg57A5r"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-H5CG-53G7-GQJW

Vulnerability from github – Published: 2024-03-06 17:05 – Updated: 2024-08-02 15:37
VLAI
Summary
RPyC's missing security check results in code execution when using numpy.array on the server-side.
Details

An issue in Open Source: RPyC v.4.00 thru v.5.3.1 allows a remote attacker to execute arbitrary code via a crafted script to the __array__ attribute component. This vulnerability was introduced in 9f45f826.

Attack Vector

RPyC services that rely on the __array__ attribute used by numpy are impacted. When the server-side exposes a method that calls the attribute named __array__ for a a client provided netref (e.g., np.array(client_netref)), a remote attacker can craft a class which results in remote code execution

Impact

Assuming the system exposes a method that calls the attribute __array__, an attacker can execute code using the vulnerable component.

Patches

The fix is available in RPyC 6.0.0. The major version change is because some users may need to set allow_pickle to True when migrating to RPyC 6.

Workarounds

While the recommend fix is to upgrade to RPyC 6.0.0, the workaround is to apply bba1d356 as patch.

Affected Component

The affected component is the __array__ method constructed for NetrefClass.

References

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "rpyc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "6.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-27758"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306",
      "CWE-358",
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-03-06T17:05:30Z",
    "nvd_published_at": "2024-03-12T16:15:08Z",
    "severity": "HIGH"
  },
  "details": "An issue in Open Source: RPyC v.4.00 thru v.5.3.1 allows a remote attacker to execute arbitrary code via a crafted script to the `__array__` attribute component. This vulnerability was introduced in [9f45f826](https://github.com/tomerfiliba-org/rpyc/commit/9f45f8269d4106905db61d82cd529cacdb178911).\n\n### Attack Vector\nRPyC services that rely on the `__array__` attribute used by numpy are impacted. When the server-side exposes a method that calls the attribute named `__array__` for a a client provided netref (e.g., `np.array(client_netref)`), a remote attacker can craft a class which results in remote code execution\n\n### Impact\nAssuming the system exposes a method that calls the attribute `__array__`, an attacker can execute code using the vulnerable component. \n\n### Patches\nThe fix is available in RPyC 6.0.0. The major version change is because some users may need to set `allow_pickle` to `True` when migrating to RPyC 6.\n\n### Workarounds\nWhile the recommend fix is to upgrade to RPyC 6.0.0, the workaround is to [apply bba1d356 as patch.](https://github.com/tomerfiliba-org/rpyc/commit/bba1d3562e6f9f1256ec64048cc23001c0bb7516)\n\n### Affected Component\n[The affected component](https://github.com/tomerfiliba-org/rpyc/blob/5.3.1/rpyc/core/netref.py#L252-L255) is the `__array__` method constructed for `NetrefClass`.\n\n### References\n- [Original disclosure](https://gist.github.com/renbou/957f70d27470982994f12a1d70153d09) by [renbou (Artem Mikheev)](https://gist.github.com/renbou)\n- [CVE-2024-27758](https://nvd.nist.gov/vuln/detail/CVE-2024-27758)\n",
  "id": "GHSA-h5cg-53g7-gqjw",
  "modified": "2024-08-02T15:37:26Z",
  "published": "2024-03-06T17:05:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tomerfiliba-org/rpyc/security/advisories/GHSA-h5cg-53g7-gqjw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27758"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tomerfiliba-org/rpyc/commit/9f45f8269d4106905db61d82cd529cacdb178911"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tomerfiliba-org/rpyc/commit/bba1d3562e6f9f1256ec64048cc23001c0bb7516"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/renbou/957f70d27470982994f12a1d70153d09"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/rpyc/PYSEC-2024-44.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tomerfiliba-org/rpyc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tomerfiliba-org/rpyc/blob/5.3.1/rpyc/core/netref.py#L252-L255"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "RPyC\u0027s missing security check results in code execution when using numpy.array on the server-side."
}

GHSA-HH7J-PG39-Q563

Vulnerability from github – Published: 2023-05-24 17:38 – Updated: 2023-05-30 06:41
VLAI
Summary
toui allows user-specific variables to be shared between users
Details

Impact

Websites that use Website.user_vars property in versions.

Patches

It affects versions v2.0.1 to v2.4.0. Please upgrade to v2.4.1

Workarounds

Do not use Website.user_vars in websites when using versions v2.0.1 to v2.4.0. Also, do not use Website.signin_user() in version v2.4.0 only.

Explanation

ToUI is using Flask-Caching (SimpleCache) to store user variables. My misunderstanding was that these caches are stored in the client's browser, but it seems that these are stored in the server side.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "toui"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.1"
            },
            {
              "fixed": "2.4.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-33175"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913",
      "CWE-914"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-05-24T17:38:52Z",
    "nvd_published_at": "2023-05-30T05:15:11Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\nWebsites that use `Website.user_vars` property in versions.\n\n### Patches\nIt affects versions v2.0.1 to v2.4.0. Please upgrade to v2.4.1\n\n### Workarounds\nDo not use `Website.user_vars` in websites when using versions v2.0.1 to v2.4.0. Also, do not use `Website.signin_user()` in version v2.4.0 only.\n\n### Explanation\nToUI is using Flask-Caching (SimpleCache) to store user variables. My misunderstanding was that these caches are stored in the client\u0027s browser, but it seems that these are stored in the server side.\n",
  "id": "GHSA-hh7j-pg39-q563",
  "modified": "2023-05-30T06:41:13Z",
  "published": "2023-05-24T17:38:52Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/mubarakalmehairbi/ToUI/security/advisories/GHSA-hh7j-pg39-q563"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33175"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mubarakalmehairbi/ToUI"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mubarakalmehairbi/ToUI/releases/tag/v2.4.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "toui allows user-specific variables to be shared between users"
}

GHSA-J2HP-QMRF-626C

Vulnerability from github – Published: 2021-12-03 00:00 – Updated: 2021-12-04 00:01
VLAI
Details

Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-23259"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-02T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE).",
  "id": "GHSA-j2hp-qmrf-626c",
  "modified": "2021-12-04T00:01:14Z",
  "published": "2021-12-03T00:00:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23259"
    },
    {
      "type": "WEB",
      "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120102"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J6X3-3JQQ-M922

Vulnerability from github – Published: 2022-09-14 00:00 – Updated: 2022-09-20 17:41
VLAI
Summary
CrafterCMS OS Command Injection vulnerability
Details

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.craftercms:craftercms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.1.0"
            },
            {
              "fixed": "3.1.23"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-40635"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78",
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-20T17:41:27Z",
    "nvd_published_at": "2022-09-13T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.",
  "id": "GHSA-j6x3-3jqq-m922",
  "modified": "2022-09-20T17:41:27Z",
  "published": "2022-09-14T00:00:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40635"
    },
    {
      "type": "WEB",
      "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/craftercms/craftercms"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "CrafterCMS OS Command Injection vulnerability"
}

GHSA-J7MP-FRQ8-HWP3

Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30
VLAI
Details

An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file's path is passed as a URI in an org.freedesktop.FileManager1.ShowFolders D-Bus method call, PCManFM-Qt delegates to a different program (based on the file type) without user confirmation. This could be used to achieve code execution or circumvent network namespace restrictions. NOTE: those outcomes are potentially unwanted by most users; however, the behavior of the product does comply with the applicable specification, and a simplistic solution (ensuring that the URI does not name a regular file) may have adverse consequences for I/O.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-48700"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-22T19:17:04Z",
    "severity": "CRITICAL"
  },
  "details": "An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file\u0027s path is passed as a URI in an org.freedesktop.FileManager1.ShowFolders D-Bus method call, PCManFM-Qt delegates to a different program (based on the file type) without user confirmation. This could be used to achieve code execution or circumvent network namespace restrictions. NOTE: those outcomes are potentially unwanted by most users; however, the behavior of the product does comply with the applicable specification, and a simplistic solution (ensuring that the URI does not name a regular file) may have adverse consequences for I/O.",
  "id": "GHSA-j7mp-frq8-hwp3",
  "modified": "2026-05-26T13:30:20Z",
  "published": "2026-05-26T13:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48700"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lxqt/pcmanfm-qt/releases"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/05/19/1"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/05/20/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:I/V:D/RE:M/U:Clear",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-JGC5-XGWJ-77VF

Vulnerability from github – Published: 2022-02-17 00:00 – Updated: 2022-03-19 00:01
VLAI
Details

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-25265"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-16T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.",
  "id": "GHSA-jgc5-xgwj-77vf",
  "modified": "2022-03-19T00:01:46Z",
  "published": "2022-02-17T00:00:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25265"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/blob/1c33bb0507508af24fd754dd7123bd8e997fab2f/arch/x86/include/asm/elf.h#L281-L294"
    },
    {
      "type": "WEB",
      "url": "https://github.com/x0reaxeax/exec-prot-bypass"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220318-0005"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JQV5-7XPX-QJ74

Vulnerability from github – Published: 2023-03-13 20:00 – Updated: 2023-03-16 21:34
VLAI
Summary
sqlite vulnerable to code execution due to Object coercion
Details

Impact

Due to the underlying implementation of .ToString(), it's possible to execute arbitrary JavaScript, or to achieve a denial-of-service, if a binding parameter is a crafted Object.

Users of sqlite3 v5.0.0 - v5.1.4 are affected by this.

Patches

Fixed in v5.1.5. All users are recommended to upgrade to v5.1.5 or later.

Workarounds

  • Ensure there is sufficient sanitization in the parent application to protect against invalid values being supplied to binding parameters.

References

  • Commit: https://github.com/TryGhost/node-sqlite3/commit/edb1934dd222ae55632e120d8f64552d5191c781

For more information

If you have any questions or comments about this advisory:

Credits: Dave McDaniel of Cisco Talos

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "sqlite3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.1.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-43441"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913",
      "CWE-915"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-03-13T20:00:52Z",
    "nvd_published_at": "2023-03-16T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nDue to the underlying implementation of `.ToString()`, it\u0027s possible to execute arbitrary JavaScript, or to achieve a denial-of-service, if a binding parameter is a crafted Object.\n\nUsers of `sqlite3` v5.0.0 - v5.1.4 are affected by this.\n\n### Patches\n\nFixed in v5.1.5. All users are recommended to upgrade to v5.1.5 or later.\n\n### Workarounds\n\n* Ensure there is sufficient sanitization in the parent application to protect against invalid values being supplied to binding parameters.\n\n### References\n\n* Commit: https://github.com/TryGhost/node-sqlite3/commit/edb1934dd222ae55632e120d8f64552d5191c781\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Email us at [security@ghost.org](mailto:security@ghost.org)\n\nCredits: Dave McDaniel of Cisco Talos",
  "id": "GHSA-jqv5-7xpx-qj74",
  "modified": "2023-03-16T21:34:27Z",
  "published": "2023-03-13T20:00:52Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/TryGhost/node-sqlite3/security/advisories/GHSA-jqv5-7xpx-qj74"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43441"
    },
    {
      "type": "WEB",
      "url": "https://github.com/TryGhost/node-sqlite3/commit/edb1934dd222ae55632e120d8f64552d5191c781"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/TryGhost/node-sqlite3"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1645"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "sqlite vulnerable to code execution due to Object coercion"
}

GHSA-JVPP-7888-2HGR

Vulnerability from github – Published: 2025-04-27 03:30 – Updated: 2025-04-27 03:30
VLAI
Details

NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-46673"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-27T01:15:44Z",
    "severity": "MODERATE"
  },
  "details": "NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS).",
  "id": "GHSA-jvpp-7888-2hgr",
  "modified": "2025-04-27T03:30:22Z",
  "published": "2025-04-27T03:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46673"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/pull/286"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/pull/306"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/compare/v1.3.0...v1.3.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2"
    },
    {
      "type": "WEB",
      "url": "https://securitybynature.fr/post/hacking-cryptolib"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Strategy: Input Validation

For any externally-influenced input, check the input against an allowlist of acceptable values.

Mitigation
Implementation Architecture and Design

Strategy: Refactoring

Refactor the code so that it does not need to be dynamically managed.

No CAPEC attack patterns related to this CWE.