Common Weakness Enumeration

CWE-843

Allowed

Access of Resource Using Incompatible Type ('Type Confusion')

Abstraction: Base · Status: Incomplete

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

1041 vulnerabilities reference this CWE, most recent first.

GHSA-RQPR-XFVF-QR4V

Vulnerability from github – Published: 2022-05-13 01:21 – Updated: 2022-05-13 01:21
VLAI
Details

Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-10231"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-27T17:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php).",
  "id": "GHSA-rqpr-xfvf-qr4v",
  "modified": "2022-05-13T01:21:43Z",
  "published": "2022-05-13T01:21:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10231"
    },
    {
      "type": "WEB",
      "url": "https://github.com/glpi-project/glpi/pull/5520"
    },
    {
      "type": "WEB",
      "url": "https://github.com/glpi-project/glpi/releases/tag/9.4.1.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RRG9-J69G-XFM7

Vulnerability from github – Published: 2025-01-28 00:32 – Updated: 2025-11-03 21:32
VLAI
Details

A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected application termination or arbitrary code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24137"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-27T22:15:18Z",
    "severity": "HIGH"
  },
  "details": "A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected application termination or arbitrary code execution.",
  "id": "GHSA-rrg9-j69g-xfm7",
  "modified": "2025-11-03T21:32:28Z",
  "published": "2025-01-28T00:32:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24137"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122066"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122067"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122068"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122069"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122071"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122072"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122073"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/13"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/14"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/15"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/16"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/18"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/19"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RRR3-5825-8CG8

Vulnerability from github – Published: 2026-07-02 00:31 – Updated: 2026-07-02 03:31
VLAI
Details

Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-14431"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-01T23:16:51Z",
    "severity": "HIGH"
  },
  "details": "Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-rrr3-5825-8cg8",
  "modified": "2026-07-02T03:31:27Z",
  "published": "2026-07-02T00:31:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-14431"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/523884658"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RRV6-26R4-H5PJ

Vulnerability from github – Published: 2022-09-25 00:00 – Updated: 2022-09-28 00:00
VLAI
Details

A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-32814"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-23T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.",
  "id": "GHSA-rrv6-26r4-h5pj",
  "modified": "2022-09-28T00:00:25Z",
  "published": "2022-09-25T00:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32814"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213340"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213342"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213345"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213346"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213344"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RX33-R3JC-7M3X

Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19
VLAI
Details

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-30818"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-28T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.",
  "id": "GHSA-rx33-r3jc-7m3x",
  "modified": "2022-05-24T19:19:02Z",
  "published": "2022-05-24T19:19:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30818"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212807"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212814"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212815"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212816"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212819"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT212869"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/12/20/6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-RXX5-WMPW-CGMP

Vulnerability from github – Published: 2022-11-09 12:00 – Updated: 2022-11-09 19:02
VLAI
Details

Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-3889"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-09T04:15:00Z",
    "severity": "HIGH"
  },
  "details": "Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)",
  "id": "GHSA-rxx5-wmpw-cgmp",
  "modified": "2022-11-09T19:02:22Z",
  "published": "2022-11-09T12:00:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3889"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1380063"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5275"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RXXM-P26X-J53P

Vulnerability from github – Published: 2026-05-29 00:38 – Updated: 2026-05-29 12:31
VLAI
Details

Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Medium)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-10022"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T23:16:44Z",
    "severity": "HIGH"
  },
  "details": "Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Medium)",
  "id": "GHSA-rxxm-p26x-j53p",
  "modified": "2026-05-29T12:31:24Z",
  "published": "2026-05-29T00:38:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10022"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/513289241"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V2P5-Q653-9J99

Vulnerability from github – Published: 2025-05-02 21:30 – Updated: 2025-05-05 17:25
VLAI
Summary
obfstr Type Confusion vulnerability
Details

In the obfstr crate before 0.4.4 for Rust, the obfstr! argument type is not restricted to string slices, leading to invalid UTF-8 conversion that produces an invalid value.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "obfstr"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.4.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-58253"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-05-05T17:25:08Z",
    "nvd_published_at": "2025-05-02T20:15:19Z",
    "severity": "LOW"
  },
  "details": "In the obfstr crate before 0.4.4 for Rust, the obfstr! argument type is not restricted to string slices, leading to invalid UTF-8 conversion that produces an invalid value.",
  "id": "GHSA-v2p5-q653-9j99",
  "modified": "2025-05-05T17:25:08Z",
  "published": "2025-05-02T21:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58253"
    },
    {
      "type": "WEB",
      "url": "https://github.com/CasualX/obfstr/issues/60"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/CasualX/obfstr"
    },
    {
      "type": "WEB",
      "url": "https://github.com/CasualX/obfstr/compare/v0.4.3...v0.4.4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "obfstr Type Confusion vulnerability"
}

GHSA-V38R-CMM6-V8C3

Vulnerability from github – Published: 2024-11-19 21:31 – Updated: 2024-11-20 18:32
VLAI
Details

In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9339"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704",
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-19T19:15:05Z",
    "severity": "HIGH"
  },
  "details": "In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-v38r-cmm6-v8c3",
  "modified": "2024-11-20T18:32:16Z",
  "published": "2024-11-19T21:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9339"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2018-06-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V39P-96QG-C8RF

Vulnerability from github – Published: 2021-09-01 18:37 – Updated: 2023-09-08 21:25
VLAI
Summary
Prototype Pollution in object-path
Details

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === '__proto__' returns false if currentPath is ['__proto__']. This is because the === operator returns always false when the type of the operands is different.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "object-path"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.11.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-23434"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-843"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-30T18:16:08Z",
    "nvd_published_at": "2021-08-27T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition `currentPath === \u0027__proto__\u0027` returns false if `currentPath` is `[\u0027__proto__\u0027]`. This is because the `===` operator returns always false when the type of the operands is different.",
  "id": "GHSA-v39p-96qg-c8rf",
  "modified": "2023-09-08T21:25:42Z",
  "published": "2021-09-01T18:37:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23434"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mariocasciaro/object-path/commit/7bdf4abefd102d16c163d633e8994ef154cab9eb"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mariocasciaro/object-path"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mariocasciaro/object-path#0116"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mariocasciaro/object-path%230116"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00031.html"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1570423"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1569453"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype Pollution in object-path"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.