Common Weakness Enumeration

CWE-755

Discouraged

Improper Handling of Exceptional Conditions

Abstraction: Class · Status: Incomplete

The product does not handle or incorrectly handles an exceptional condition.

686 vulnerabilities reference this CWE, most recent first.

GHSA-7HWJ-X2VH-JQV9

Vulnerability from github – Published: 2024-11-19 18:31 – Updated: 2025-11-04 00:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: dvbdev: prevent the risk of out of memory access

The dvbdev contains a static variable used to store dvb minors.

The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_register_device() won't check for boundaries, as it will rely that a previous call to dvb_register_adapter() would already be enforcing it.

On a similar way, dvb_device_open() uses the assumption that the register functions already did the needed checks.

This can be fragile if some device ends using different calls. This also generate warnings on static check analysers like Coverity.

So, add explicit guards to prevent potential risk of OOM issues.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-53063"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-19T18:15:26Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
  "id": "GHSA-7hwj-x2vh-jqv9",
  "modified": "2025-11-04T00:32:05Z",
  "published": "2024-11-19T18:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53063"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1e461672616b726f29261ee81bb991528818537c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3b88675e18b6517043a6f734eaa8ea6eb3bfa140"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5f76f7df14861e3a560898fa41979ec92424b58f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/972e63e895abbe8aa1ccbdbb4e6362abda7cd457"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9c17085fabbde2041c893d29599800f2d4992b23"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a4a17210c03ade1c8d9a9f193a105654b7a05c11"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b751a96025275c17f04083cbfe856822f1658946"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fedfde9deb83ac8d2f3d5f36f111023df34b1684"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7J85-MWFJ-2GR8

Vulnerability from github – Published: 2023-07-28 03:30 – Updated: 2023-07-28 03:30
VLAI
Details

An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3774"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-703",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-28T01:15:09Z",
    "severity": null
  },
  "details": "An unhandled error in Vault Enterprise\u0027s namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.",
  "id": "GHSA-7j85-mwfj-2gr8",
  "modified": "2023-07-28T03:30:12Z",
  "published": "2023-07-28T03:30:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3774"
    },
    {
      "type": "WEB",
      "url": "https://discuss.hashicorp.com/t/hcsec-2023-23-vault-enterprise-namespace-creation-may-lead-to-denial-of-service/56617"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7MQR-2V3Q-V2WM

Vulnerability from github – Published: 2021-05-24 16:57 – Updated: 2023-02-14 00:21
VLAI
Summary
Ory fosite contains Improper Handling of Exceptional Conditions
Details

Impact

The TokenRevocationHandler ignores errors coming from the storage. This can lead to unexpected 200 status codes indicating successful revocation while the token is still valid. Whether an attacker can use this for her advantage depends on the ability to trigger errors in the store.

References

RFC 7009 states that a 503 HTTP code must be returned when the server has a problem.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/ory/fosite"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.34.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-15223"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754",
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-24T12:53:07Z",
    "nvd_published_at": "2020-09-24T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nThe `TokenRevocationHandler` ignores errors coming from the storage. This can lead to unexpected 200 status codes indicating successful revocation while the token is still valid. Whether an attacker can use this for her advantage depends on the ability to trigger errors in the store.\n\n### References\n[RFC 7009](https://tools.ietf.org/html/rfc7009#section-2.2.1) states that a 503 HTTP code must be returned when the server has a problem.",
  "id": "GHSA-7mqr-2v3q-v2wm",
  "modified": "2023-02-14T00:21:03Z",
  "published": "2021-05-24T16:57:39Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ory/fosite/security/advisories/GHSA-7mqr-2v3q-v2wm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15223"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ory/fosite/commit/03dd55813f5521985f7dd64277b7ba0cf1441319"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2021-0109"
    },
    {
      "type": "WEB",
      "url": "https://tools.ietf.org/html/rfc7009#section-2.2.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Ory fosite contains Improper Handling of Exceptional Conditions "
}

GHSA-7P74-P32G-2V26

Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2022-05-13 01:14
VLAI
Details

A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-7474"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-02T18:30:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).",
  "id": "GHSA-7p74-p32g-2v26",
  "modified": "2022-05-13T01:14:52Z",
  "published": "2022-05-13T01:14:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7474"
    },
    {
      "type": "WEB",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7PP3-X5H4-FX5V

Vulnerability from github – Published: 2023-09-13 15:31 – Updated: 2024-04-04 07:39
VLAI
Details

A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTP(s) paths.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-27998"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755",
      "CWE-756"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-13T13:15:08Z",
    "severity": "MODERATE"
  },
  "details": "A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTP(s) paths.",
  "id": "GHSA-7pp3-x5h4-fx5v",
  "modified": "2024-04-04T07:39:06Z",
  "published": "2023-09-13T15:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27998"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.com/psirt/FG-IR-22-288"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7RP2-Q3M6-W939

Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2022-05-24 17:46
VLAI
Details

RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-11243"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-07T08:15:00Z",
    "severity": "HIGH"
  },
  "details": "RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile",
  "id": "GHSA-7rp2-q3m6-w939",
  "modified": "2022-05-24T17:46:43Z",
  "published": "2022-05-24T17:46:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11243"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-7RW7-XM59-WMR8

Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-05-24 17:45
VLAI
Details

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient error handling in the web UI. An attacker could exploit these vulnerabilities by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to cause the web UI software to become unresponsive and consume all available vty lines, preventing new session establishment and resulting in a DoS condition. Manual intervention would be required to regain web UI and vty session functionality. Note: These vulnerabilities do not affect the console connection.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-1356"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-24T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient error handling in the web UI. An attacker could exploit these vulnerabilities by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to cause the web UI software to become unresponsive and consume all available vty lines, preventing new session establishment and resulting in a DoS condition. Manual intervention would be required to regain web UI and vty session functionality. Note: These vulnerabilities do not affect the console connection.",
  "id": "GHSA-7rw7-xm59-wmr8",
  "modified": "2022-05-24T17:45:11Z",
  "published": "2022-05-24T17:45:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1356"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xe-webui-dos-z9yqYQAn"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-7VJF-QW8C-2V29

Vulnerability from github – Published: 2023-08-14 18:32 – Updated: 2024-04-04 06:55
VLAI
Details

Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-28768"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-14T17:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version\u00a0V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch.",
  "id": "GHSA-7vjf-qw8c-2v29",
  "modified": "2024-04-04T06:55:05Z",
  "published": "2023-08-14T18:32:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28768"
    },
    {
      "type": "WEB",
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-xgs2220-xmg1930-and-xs1930-series-switches"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7VM6-QWH5-9X44

Vulnerability from github – Published: 2024-11-04 23:22 – Updated: 2024-11-05 18:35
VLAI
Summary
loona-hpack Panic Vulnerability
Details

Summary

loona-hpack suffers from the same vulnerability as the original hpack as documented in https://github.com/mlalic/hpack-rs/issues/11

Details

The original includes a very nice description of the problem, as well as an easy-enough fix for it.

PoC

The original example pretty much still applies:

use loona_hpack::Decoder;

pub fn main() {
    let input = &[0x3f];
    let mut decoder = Decoder::new();
    let _ = decoder.decode(input);
}

Impact

From the original: All users who try to decode untrusted input using the Decoder are vulnerable to this exploit. A patched version of the crate is available on [crates.io](https://crates.io/crates/hpack-patched) under the name hpack-patched. See [Cargo's documentation on overriding dependencies](https://doc.rust-lang.org/cargo/reference/overriding-dependencies.html) for more information.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.4.2"
      },
      "package": {
        "ecosystem": "crates.io",
        "name": "loona-hpack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-51502"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754",
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-04T23:22:33Z",
    "nvd_published_at": "2024-11-04T23:15:05Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\n`loona-hpack` suffers from the same vulnerability as the original `hpack` as documented in https://github.com/mlalic/hpack-rs/issues/11 \n\n### Details\nThe original includes a very nice description of the problem, as well as an easy-enough fix for it.\n\n### PoC\nThe original example pretty much still applies:\n```rust\nuse loona_hpack::Decoder;\n\npub fn main() {\n    let input = \u0026[0x3f];\n    let mut decoder = Decoder::new();\n    let _ = decoder.decode(input);\n}\n```\n\n### Impact\nFrom the original:\n`All users who try to decode untrusted input using the Decoder are vulnerable to this exploit. A patched version of the crate is available on [crates.io](https://crates.io/crates/hpack-patched) under the name hpack-patched. See [Cargo\u0027s documentation on overriding dependencies](https://doc.rust-lang.org/cargo/reference/overriding-dependencies.html) for more information.`\n",
  "id": "GHSA-7vm6-qwh5-9x44",
  "modified": "2024-11-05T18:35:38Z",
  "published": "2024-11-04T23:22:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/bearcove/loona/security/advisories/GHSA-7vm6-qwh5-9x44"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51502"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mlalic/hpack-rs/issues/11"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bearcove/loona/commit/9a4028ec6484f50a320281271a41a5040ddb1ba8"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-w7hm-hmxv-pvhf"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/bearcove/loona"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "loona-hpack Panic Vulnerability"
}

GHSA-7VV7-V9GP-WHMR

Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2022-05-24 16:45
VLAI
Details

Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-3558"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-06T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.",
  "id": "GHSA-7vv7-v9gp-whmr",
  "modified": "2022-05-24T16:45:14Z",
  "published": "2022-05-24T16:45:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3558"
    },
    {
      "type": "WEB",
      "url": "https://github.com/facebook/fbthrift/commit/c5d6e07588cd03061bc54d451a7fa6e84883d62b"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://www.facebook.com/security/advisories/cve-2019-3558"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108274"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.