Common Weakness Enumeration

CWE-1023

Allowed-with-Review

Incomplete Comparison with Missing Factors

Abstraction: Class · Status: Incomplete

The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.

21 vulnerabilities reference this CWE, most recent first.

CVE-2021-23146 (GCVE-0-2021-23146)

Vulnerability from cvelistv5 – Published: 2021-11-18 17:59 – Updated: 2024-09-17 02:41
VLAI
Summary
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions.
CWE
Assigner
References
Impacted products
Vendor Product Version
Gallagher Command Center Affected: 8.40 prior to 8.40.1888 (MR3)
Affected: 8.30 prior to 8.30.1359 (MR3)
Affected: 8.20 prior to 8.20.1259 (MR5)
Affected: 8.10 prior to 8.10.1284 (MR7)
Affected: 8.00 and prior
Create a notification for this product.
Date Public
2021-11-15 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:58:26.429Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23146"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Command Center",
          "vendor": "Gallagher",
          "versions": [
            {
              "status": "affected",
              "version": "8.40 prior to 8.40.1888 (MR3)"
            },
            {
              "status": "affected",
              "version": "8.30 prior to 8.30.1359 (MR3)"
            },
            {
              "status": "affected",
              "version": "8.20 prior to 8.20.1259 (MR5)"
            },
            {
              "status": "affected",
              "version": "8.10 prior to 8.10.1284 (MR7)"
            },
            {
              "status": "affected",
              "version": "8.00 and prior"
            }
          ]
        }
      ],
      "datePublic": "2021-11-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1023",
              "description": "CWE-1023",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-29T16:55:25.000Z",
        "orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
        "shortName": "Gallagher"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23146"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "disclosures@gallagher.com",
          "DATE_PUBLIC": "2021-11-15T07:34:00.000Z",
          "ID": "CVE-2021-23146",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Command Center",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.40 prior to 8.40.1888 (MR3)"
                          },
                          {
                            "version_value": "8.30 prior to 8.30.1359 (MR3)"
                          },
                          {
                            "version_value": "8.20 prior to 8.20.1259 (MR5)"
                          },
                          {
                            "version_value": "8.10 prior to 8.10.1284 (MR7)"
                          },
                          {
                            "version_value": "8.00 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Gallagher"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3); 8.20 versions prior to 8.20.1259 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-1023"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.gallagher.com/Security-Advisories/CVE-2021-23146",
              "refsource": "MISC",
              "url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23146"
            }
          ]
        },
        "source": {
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
    "assignerShortName": "Gallagher",
    "cveId": "CVE-2021-23146",
    "datePublished": "2021-11-18T17:59:56.770Z",
    "dateReserved": "2021-01-26T00:00:00.000Z",
    "dateUpdated": "2024-09-17T02:41:22.754Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-5JX8-Q4CP-RHH6

Vulnerability from github – Published: 2026-03-23 06:30 – Updated: 2026-03-30 19:29
VLAI
Summary
jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation
Details

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect compareTo checks that accept out-of-range candidates and thus bias DSA nonces during signature generation.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "jsrsasign"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "11.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-4599"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1023"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-30T19:29:39Z",
    "nvd_published_at": "2026-03-23T06:16:21Z",
    "severity": "CRITICAL"
  },
  "details": "Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect compareTo checks that accept out-of-range candidates and thus bias DSA nonces during signature generation.",
  "id": "GHSA-5jx8-q4cp-rhh6",
  "modified": "2026-03-30T19:29:39Z",
  "published": "2026-03-23T06:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4599"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kjur/jsrsasign/pull/647"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kjur/jsrsasign/commit/ee4b013478366cb16cea9a4bdfb218b6077f83b1"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/Kr0emer/081681818b51605c91945126d74b4f20"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kjur/jsrsasign"
    },
    {
      "type": "WEB",
      "url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370939"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation"
}

GHSA-77Q5-RR5V-X43Q

Vulnerability from github – Published: 2026-07-02 17:22 – Updated: 2026-07-02 17:22
VLAI
Summary
OpenClaw: Trusted retry endpoint checks could match hostname prefixes
Details

Summary

Trusted retry endpoint checks could match hostname prefixes. In affected versions, a retry endpoint URL chosen by lower-trust input could pass validation by using a hostname prefix that resembled a trusted host.

This advisory is scoped to the named feature and configuration. It does not change OpenClaw's trusted-operator model: authenticated Gateway operators, installed plugins, and intentional local execution surfaces remain trusted unless a separate policy, approval, allowlist, sandbox, or auth boundary is crossed.

Impact

When the affected feature is enabled and reachable, this could send authentication material to an endpoint outside the intended trust target. Practical impact depends on the operator's configuration and whether lower-trust input can reach that path.

Patched Versions

The first stable patched version is 2026.5.7.

Mitigations

pin retry endpoints to exact trusted origins until patched. As general hardening, keep channel and tool allowlists narrow, avoid sharing one Gateway between mutually untrusted users, and disable the affected feature when it is not needed.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.5.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-1023",
      "CWE-20",
      "CWE-345"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-02T17:22:11Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Summary\n\nTrusted retry endpoint checks could match hostname prefixes. In affected versions, a retry endpoint URL chosen by lower-trust input could pass validation by using a hostname prefix that resembled a trusted host.\n\nThis advisory is scoped to the named feature and configuration. It does not change OpenClaw\u0027s trusted-operator model: authenticated Gateway operators, installed plugins, and intentional local execution surfaces remain trusted unless a separate policy, approval, allowlist, sandbox, or auth boundary is crossed.\n\n### Impact\n\nWhen the affected feature is enabled and reachable, this could send authentication material to an endpoint outside the intended trust target. Practical impact depends on the operator\u0027s configuration and whether lower-trust input can reach that path.\n\n### Patched Versions\n\nThe first stable patched version is `2026.5.7`.\n\n### Mitigations\n\npin retry endpoints to exact trusted origins until patched. As general hardening, keep channel and tool allowlists narrow, avoid sharing one Gateway between mutually untrusted users, and disable the affected feature when it is not needed.",
  "id": "GHSA-77q5-rr5v-x43q",
  "modified": "2026-07-02T17:22:11Z",
  "published": "2026-07-02T17:22:11Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-77q5-rr5v-x43q"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw: Trusted retry endpoint checks could match hostname prefixes"
}

GHSA-89FG-R5W5-HH2W

Vulnerability from github – Published: 2025-02-05 12:33 – Updated: 2025-02-05 21:32
VLAI
Details

An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-5528"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1023",
      "CWE-697"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-05T11:15:17Z",
    "severity": "LOW"
  },
  "details": "An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages.",
  "id": "GHSA-89fg-r5w5-hh2w",
  "modified": "2025-02-05T21:32:35Z",
  "published": "2025-02-05T12:33:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5528"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/2523654"
    },
    {
      "type": "WEB",
      "url": "https://about.gitlab.com/releases/2024/07/10/patch-release-gitlab-17-1-2-released"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/464558"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-923M-GV2P-W5QP

Vulnerability from github – Published: 2026-06-03 15:30 – Updated: 2026-06-03 15:30
VLAI
Details

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.utils.cache.has_vary_header() in Django does not strip leading or trailing whitespace from Vary response header values before comparison, which allows remote attackers to read cached responses via requests to URLs whose responses contain whitespace-padded Vary header values. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Navid Rezazadeh for reporting this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-48587"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1023"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-03T14:16:44Z",
    "severity": "LOW"
  },
  "details": "An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6.\n`django.utils.cache.has_vary_header()` in Django does not strip leading or trailing whitespace from `Vary` response header values before comparison, which allows remote attackers to read cached responses via requests to URLs whose responses contain whitespace-padded Vary header values.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Navid Rezazadeh for reporting this issue.",
  "id": "GHSA-923m-gv2p-w5qp",
  "modified": "2026-06-03T15:30:43Z",
  "published": "2026-06-03T15:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48587"
    },
    {
      "type": "WEB",
      "url": "https://docs.djangoproject.com/en/dev/releases/security"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/g/django-announce"
    },
    {
      "type": "WEB",
      "url": "https://www.djangoproject.com/weblog/2026/jun/03/security-releases"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-C65P-X677-FGJ6

Vulnerability from github – Published: 2025-05-28 18:03 – Updated: 2025-05-29 21:36
VLAI
Summary
vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
Details

Summary

In the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image objects using only obj.tobytes(), which returns only the raw pixel data, without including metadata such as the image’s shape (width, height, mode). As a result, two images of different sizes (e.g., 30x100 and 100x30) with the same pixel byte sequence could generate the same hash value. This may lead to hash collisions, incorrect cache hits, and even data leakage or security risks.

Details

  • Affected file: vllm/multimodal/hasher.py
  • Affected method: MultiModalHasher.serialize_item https://github.com/vllm-project/vllm/blob/9420a1fc30af1a632bbc2c66eb8668f3af41f026/vllm/multimodal/hasher.py#L34-L35
  • Current behavior: For Image.Image instances, only obj.tobytes() is used for hashing.
  • Problem description: obj.tobytes() does not include the image’s width, height, or mode metadata.
  • Impact: Two images with the same pixel byte sequence but different sizes could be regarded as the same image by the cache and hashing system, which may result in:
    • Incorrect cache hits, leading to abnormal responses
    • Deliberate construction of images with different meanings but the same hash value

Recommendation

In the serialize_item method, serialization of Image.Image objects should include not only pixel data, but also all critical metadata—such as dimensions (size), color mode (mode), format, and especially the info dictionary. The info dictionary is particularly important in palette-based images (e.g., mode 'P'), where the palette itself is stored in info. Ignoring info can result in hash collisions between visually distinct images with the same pixel bytes but different palettes or metadata. This can lead to incorrect cache hits or even data leakage.

Summary:
Serializing only the raw pixel data is insecure. Always include all image metadata (size, mode, format, info) in the hash calculation to prevent collisions, especially in cases like palette-based images.

Impact for other modalities For the influence of other modalities, since the video modality is transformed into a multi-dimensional array containing the length, width, time, etc. of the video, the same problem exists due to the incorrect sequence of numpy as well.

For audio, since the momo function is not enabled in librosa.load, the loaded audio is automatically encoded into single channels by librosa and returns a one-dimensional array of numpy, thus keeping the structure of numpy fixed and not affected by this issue.

Fixes

  • https://github.com/vllm-project/vllm/pull/17378
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "vllm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.7.0"
            },
            {
              "fixed": "0.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-46722"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1023",
      "CWE-1288"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-05-28T18:03:41Z",
    "nvd_published_at": "2025-05-29T17:15:21Z",
    "severity": "MODERATE"
  },
  "details": "## Summary\n\nIn the file `vllm/multimodal/hasher.py`, the `MultiModalHasher` class has a security and data integrity issue in its image hashing method. Currently, it serializes `PIL.Image.Image` objects using only `obj.tobytes()`, which returns only the raw pixel data, without including metadata such as the image\u2019s shape (width, height, mode). As a result, two images of different sizes (e.g., 30x100 and 100x30) with the same pixel byte sequence could generate the same hash value. This may lead to hash collisions, incorrect cache hits, and even data leakage or security risks.\n\n## Details\n\n- **Affected file:** `vllm/multimodal/hasher.py`\n- **Affected method:** `MultiModalHasher.serialize_item`\nhttps://github.com/vllm-project/vllm/blob/9420a1fc30af1a632bbc2c66eb8668f3af41f026/vllm/multimodal/hasher.py#L34-L35\n- **Current behavior:** For `Image.Image` instances, only `obj.tobytes()` is used for hashing.\n- **Problem description:** `obj.tobytes()` does not include the image\u2019s width, height, or mode metadata.\n- **Impact:** Two images with the same pixel byte sequence but different sizes could be regarded as the same image by the cache and hashing system, which may result in:\n    - Incorrect cache hits, leading to abnormal responses\n    - Deliberate construction of images with different meanings but the same hash value\n\n\n## Recommendation\n\nIn the `serialize_item` method, **serialization of `Image.Image` objects should include not only pixel data, but also all critical metadata**\u2014such as dimensions (`size`), color mode (`mode`), format, and especially the `info` dictionary. The `info` dictionary is particularly important in palette-based images (e.g., mode `\u0027P\u0027`), where the palette itself is stored in `info`. Ignoring `info` can result in hash collisions between visually distinct images with the same pixel bytes but different palettes or metadata. This can lead to incorrect cache hits or even data leakage.\n\n**Summary:**  \nSerializing only the raw pixel data is insecure. Always include all image metadata (`size`, `mode`, `format`, `info`) in the hash calculation to prevent collisions, especially in cases like palette-based images.\n\n**Impact for other modalities**\nFor the influence of other modalities, since the video modality is transformed into a multi-dimensional array containing the length, width, time, etc. of the video, the same problem exists due to the incorrect sequence of numpy as well.\n\nFor audio, since the momo function is not enabled in librosa.load, the loaded audio is automatically encoded into single channels by librosa and returns a one-dimensional array of numpy, thus keeping the structure of numpy fixed and not affected by this issue.\n\n## Fixes\n\n* https://github.com/vllm-project/vllm/pull/17378",
  "id": "GHSA-c65p-x677-fgj6",
  "modified": "2025-05-29T21:36:24Z",
  "published": "2025-05-28T18:03:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-c65p-x677-fgj6"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46722"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vllm-project/vllm/pull/17378"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vllm-project/vllm/commit/99404f53c72965b41558aceb1bc2380875f5d848"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/vllm/PYSEC-2025-43.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/vllm-project/vllm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "vLLM has a Weakness in MultiModalHasher Image Hashing Implementation"
}

GHSA-CV2V-P23M-2Q4H

Vulnerability from github – Published: 2025-12-18 21:31 – Updated: 2026-01-15 00:31
VLAI
Details

BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-62000"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1023"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-18T21:15:53Z",
    "severity": "MODERATE"
  },
  "details": "BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.",
  "id": "GHSA-cv2v-p23m-2q4h",
  "modified": "2026-01-15T00:31:38Z",
  "published": "2025-12-18T21:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62000"
    },
    {
      "type": "WEB",
      "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/VA-25-352-01.json"
    },
    {
      "type": "WEB",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62000"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-MCX4-VM6V-R473

Vulnerability from github – Published: 2026-06-05 18:31 – Updated: 2026-06-09 18:30
VLAI
Details

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a destination IP matching its configured decapsulation IP. This occurs because the switch does not verify the tunnel protocol type, potentially leading to the unexpected processing of non-configured tunnel traffic.

This issue has been reported as being exploited in the wild.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-7473"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1023"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-05T17:17:02Z",
    "severity": "MODERATE"
  },
  "details": "On affected platforms running Arista EOS where a tunnel decapsulation configuration\u2014such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface\u2014is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a destination IP matching its configured decapsulation IP. This occurs because the switch does not verify the tunnel protocol type, potentially leading to the unexpected processing of non-configured tunnel traffic.\n\n\n\nThis issue has been reported as being exploited in the wild.",
  "id": "GHSA-mcx4-vm6v-r473",
  "modified": "2026-06-09T18:30:34Z",
  "published": "2026-06-05T18:31:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7473"
    },
    {
      "type": "WEB",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22872-security-advisory-0137"
    },
    {
      "type": "WEB",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-7473"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-VM86-55H3-W686

Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-10-14 18:30
VLAI
Details

Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-55333"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1023"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-14T17:15:46Z",
    "severity": "MODERATE"
  },
  "details": "Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.",
  "id": "GHSA-vm86-55h3-w686",
  "modified": "2025-10-14T18:30:30Z",
  "published": "2025-10-14T18:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55333"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55333"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WCPV-6HG7-MFCC

Vulnerability from github – Published: 2026-06-13 00:34 – Updated: 2026-06-13 00:34
VLAI
Details

OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoints.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-53839"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1023"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-12T22:16:55Z",
    "severity": "MODERATE"
  },
  "details": "OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoints.",
  "id": "GHSA-wcpv-6hg7-mfcc",
  "modified": "2026-06-13T00:34:33Z",
  "published": "2026-06-13T00:34:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-77q5-rr5v-x43q"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53839"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-hostname-prefix-matching-bypass-in-trusted-retry-endpoint-validation"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.