CWE-252
AllowedUnchecked Return Value
Abstraction: Base · Status: Draft
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
227 vulnerabilities reference this CWE, most recent first.
GHSA-687W-XP39-Q584
Vulnerability from github – Published: 2022-05-24 16:59 – Updated: 2024-02-16 18:31An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The result was that, instead of reporting that the supplied username or group name did not exist, it would execute the command as root.
{
"affected": [],
"aliases": [
"CVE-2019-15900"
],
"database_specific": {
"cwe_ids": [
"CWE-252"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-18T16:15:00Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The result was that, instead of reporting that the supplied username or group name did not exist, it would execute the command as root.",
"id": "GHSA-687w-xp39-q584",
"modified": "2024-02-16T18:31:02Z",
"published": "2022-05-24T16:59:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15900"
},
{
"type": "WEB",
"url": "https://github.com/slicer69/doas/commit/2f83222829448e5bc4c9391d607ec265a1e06531"
},
{
"type": "WEB",
"url": "https://github.com/slicer69/doas/compare/6.1p1...6.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6FVJ-8P6J-8WXG
Vulnerability from github – Published: 2025-10-16 15:30 – Updated: 2026-05-12 15:31A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.
{
"affected": [],
"aliases": [
"CVE-2025-11839"
],
"database_specific": {
"cwe_ids": [
"CWE-252"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-16T14:15:34Z",
"severity": "MODERATE"
},
"details": "A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.",
"id": "GHSA-6fvj-8p6j-8wxg",
"modified": "2026-05-12T15:31:12Z",
"published": "2025-10-16T15:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11839"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"type": "WEB",
"url": "https://sourceware.org/bugzilla/attachment.cgi?id=16344"
},
{
"type": "WEB",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33448"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.328774"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.328774"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.661279"
},
{
"type": "WEB",
"url": "https://www.gnu.org"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-6J2P-Q7P9-HMXW
Vulnerability from github – Published: 2024-11-14 12:31 – Updated: 2025-11-03 21:31Unchecked return value can allow Apache Traffic Server to retain privileges on startup.
This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1.
Users are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.
{
"affected": [],
"aliases": [
"CVE-2024-50306"
],
"database_specific": {
"cwe_ids": [
"CWE-252"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-14T10:15:08Z",
"severity": "CRITICAL"
},
"details": "Unchecked return value can allow Apache Traffic Server to retain privileges on startup.\n\nThis issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1.\n\nUsers are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.",
"id": "GHSA-6j2p-q7p9-hmxw",
"modified": "2025-11-03T21:31:36Z",
"published": "2024-11-14T12:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50306"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00018.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6VWC-64MX-78V2
Vulnerability from github – Published: 2025-03-05 12:31 – Updated: 2025-03-05 12:31An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.
{
"affected": [],
"aliases": [
"CVE-2024-12650"
],
"database_specific": {
"cwe_ids": [
"CWE-252"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-05T12:15:34Z",
"severity": "MODERATE"
},
"details": "An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.",
"id": "GHSA-6vwc-64mx-78v2",
"modified": "2025-03-05T12:31:12Z",
"published": "2025-03-05T12:31:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12650"
},
{
"type": "WEB",
"url": "https://cert.vde.com/en/advisories/VDE-2025-004"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-722W-734R-QG74
Vulnerability from github – Published: 2025-03-02 03:30 – Updated: 2025-03-02 03:30list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.
{
"affected": [],
"aliases": [
"CVE-2025-25724"
],
"database_specific": {
"cwe_ids": [
"CWE-252"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-02T02:15:36Z",
"severity": "MODERATE"
},
"details": "list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.",
"id": "GHSA-722w-734r-qg74",
"modified": "2025-03-02T03:30:31Z",
"published": "2025-03-02T03:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25724"
},
{
"type": "WEB",
"url": "https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92"
},
{
"type": "WEB",
"url": "https://github.com/Ekkosun/pocs/blob/main/bsdtarbug"
},
{
"type": "WEB",
"url": "https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-72V7-RM66-2GR3
Vulnerability from github – Published: 2026-05-15 03:30 – Updated: 2026-05-15 03:30An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability.
{
"affected": [],
"aliases": [
"CVE-2025-0028"
],
"database_specific": {
"cwe_ids": [
"CWE-252"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-15T03:16:21Z",
"severity": "HIGH"
},
"details": "An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability.",
"id": "GHSA-72v7-rm66-2gr3",
"modified": "2026-05-15T03:30:37Z",
"published": "2026-05-15T03:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0028"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:H/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-76PR-H99M-Q4FJ
Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2025-05-12 21:30In the Linux kernel, the following vulnerability has been resolved:
binder: make sure fd closes complete
During BC_FREE_BUFFER processing, the BINDER_TYPE_FDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to return to userspace or the file object may never be dereferenced -- which can lead to hung processes.
Force the binder thread back to userspace if an fd is closed during BC_FREE_BUFFER handling.
{
"affected": [],
"aliases": [
"CVE-2021-47360"
],
"database_specific": {
"cwe_ids": [
"CWE-252"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T15:15:22Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: make sure fd closes complete\n\nDuring BC_FREE_BUFFER processing, the BINDER_TYPE_FDA object\ncleanup may close 1 or more fds. The close operations are\ncompleted using the task work mechanism -- which means the thread\nneeds to return to userspace or the file object may never be\ndereferenced -- which can lead to hung processes.\n\nForce the binder thread back to userspace if an fd is closed during\nBC_FREE_BUFFER handling.",
"id": "GHSA-76pr-h99m-q4fj",
"modified": "2025-05-12T21:30:56Z",
"published": "2024-05-21T15:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47360"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5fdb55c1ac9585eb23bb2541d5819224429e103d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/aa2c274c279ff365a06a4cba263f04965895166e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b95483d8d94b41fa31a84c1d86710b7907a37621"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d5b0473707fa53b03a5db0256ce62b2874bddbc7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-787R-J94J-7WPV
Vulnerability from github – Published: 2023-03-01 21:30 – Updated: 2025-03-20 15:30In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.
{
"affected": [],
"aliases": [
"CVE-2023-23003"
],
"database_specific": {
"cwe_ids": [
"CWE-252"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-01T20:15:00Z",
"severity": "HIGH"
},
"details": "In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.",
"id": "GHSA-787r-j94j-7wpv",
"modified": "2025-03-20T15:30:25Z",
"published": "2023-03-01T21:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23003"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/0a515a06c5ebfa46fee3ac519e418f801e718da4"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230331-0003"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7C4J-2M43-2MGH
Vulnerability from github – Published: 2026-04-22 19:19 – Updated: 2026-04-27 16:22Impact
An untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key.
Hashing an election macro header hashes validators and reaches Validators::voting_keys(), which calls validator.voting_key.uncompress().unwrap() and panics on invalid bytes.
Patches
The patch for this vulnerability is included as part of v1.3.0.
Workarounds
No known workarounds.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "nimiq-primitives"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34065"
],
"database_specific": {
"cwe_ids": [
"CWE-252",
"CWE-755"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-22T19:19:28Z",
"nvd_published_at": "2026-04-22T20:16:41Z",
"severity": "HIGH"
},
"details": "### Impact\nAn untrusted p2p peer can cause a node to panic by announcing an election macro block whose `validators` set contains an invalid compressed BLS voting key.\n\nHashing an election macro header hashes `validators` and reaches `Validators::voting_keys()`, which calls `validator.voting_key.uncompress().unwrap()` and panics on invalid bytes.\n\n### Patches\n[The patch for this vulnerability](https://github.com/nimiq/core-rs-albatross/commit/e10eaebcd7774e5da6d0ff5e88ed13503474f0ff) is included as part of [v1.3.0](https://github.com/nimiq/core-rs-albatross/releases/tag/v1.3.0).\n\n### Workarounds\nNo known workarounds.",
"id": "GHSA-7c4j-2m43-2mgh",
"modified": "2026-04-27T16:22:32Z",
"published": "2026-04-22T19:19:28Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-7c4j-2m43-2mgh"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34065"
},
{
"type": "WEB",
"url": "https://github.com/nimiq/core-rs-albatross/pull/3662"
},
{
"type": "WEB",
"url": "https://github.com/nimiq/core-rs-albatross/commit/e10eaebcd7774e5da6d0ff5e88ed13503474f0ff"
},
{
"type": "PACKAGE",
"url": "https://github.com/nimiq/core-rs-albatross"
},
{
"type": "WEB",
"url": "https://github.com/nimiq/core-rs-albatross/releases/tag/v1.3.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals"
}
GHSA-7HM4-28MG-FMP9
Vulnerability from github – Published: 2022-04-21 01:29 – Updated: 2022-04-21 01:29manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.
{
"affected": [],
"aliases": [
"CVE-1999-0199"
],
"database_specific": {
"cwe_ids": [
"CWE-252"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-10-06T13:15:00Z",
"severity": "CRITICAL"
},
"details": "manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree\u0027s root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.",
"id": "GHSA-7hm4-28mg-fmp9",
"modified": "2022-04-21T01:29:06Z",
"published": "2022-04-21T01:29:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-1999-0199"
},
{
"type": "WEB",
"url": "https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40"
},
{
"type": "WEB",
"url": "https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz"
},
{
"type": "WEB",
"url": "https://www.cee.studio/tdelete.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation MIT-53
Check the results of all functions that return a value and verify that the value is expected.
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Ensure that you account for all possible return values from the function.
Mitigation
When designing a function, make sure you return a value or throw an exception in case of an error.
No CAPEC attack patterns related to this CWE.