Common Weakness Enumeration

CWE-1104

Allowed

Use of Unmaintained Third Party Components

Abstraction: Base · Status: Incomplete

The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.

45 vulnerabilities reference this CWE, most recent first.

GHSA-R6R4-5PR8-GJCP

Vulnerability from github – Published: 2024-01-03 21:44 – Updated: 2024-02-09 00:29
VLAI
Summary
Vapor contains an integer overflow in URI leading to potential host spoofing
Details

Vapor's vapor_urlparser_parse function uses uint16_t indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs.

This vulnerability does not affect Vapor directly but could impact applications relying on the URI type for validating user input.

The URI type is used in several places in Vapor. A developer may decide to use URI to represent a URL in their application (especially if that URL is then passed to the HTTP Client) and rely on its public properties and methods. However, URI may fail to properly parse a valid (albeit abnormally long) URL, due to string ranges being converted to 16-bit integers. An attacker may use this behaviour to trick the application into accepting a URL to an untrusted destination.

By padding the port number with zeros, an attacker can cause an integer overflow to occur when the URL authority is parsed and, as a result, spoof the host.

Impact

Users attempting to treat untrusted input as a URI are vulnerable to a host spoofing attack due to an integer overflow.

Workarounds

Validate user input before parsing as a URI or, if possible, use Foundation's URL and URLComponents utilities.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.89.3"
      },
      "package": {
        "ecosystem": "SwiftURL",
        "name": "github.com/vapor/vapor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.90.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-21631"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1104",
      "CWE-190"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-03T21:44:35Z",
    "nvd_published_at": "2024-01-03T17:15:12Z",
    "severity": "MODERATE"
  },
  "details": "Vapor\u0027s `vapor_urlparser_parse` function uses `uint16_t` indexes when parsing a URI\u0027s components, which may cause integer overflows when parsing untrusted inputs.\n\nThis vulnerability does not affect Vapor directly but could impact applications relying on the URI type for validating user input. \n\nThe URI type is used in several places in Vapor. A developer may decide to use URI to represent a URL in their application (especially if that URL is then passed to the HTTP Client) and rely on its public properties and methods. However, URI may fail to properly parse a valid (albeit abnormally long) URL, due to string ranges being converted to 16-bit integers. An attacker may use this behaviour to trick the application into accepting a URL to an untrusted destination.\n\nBy padding the port number with zeros, an attacker can cause an integer overflow to occur when the URL authority is parsed and, as a result, spoof the host.\n\n### Impact\nUsers attempting to treat untrusted input as a URI are vulnerable to a host spoofing attack due to an integer overflow.\n\n### Workarounds\nValidate user input before parsing as a URI or, if possible, use Foundation\u0027s `URL` and `URLComponents` utilities.",
  "id": "GHSA-r6r4-5pr8-gjcp",
  "modified": "2024-02-09T00:29:14Z",
  "published": "2024-01-03T21:44:35Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/vapor/vapor/security/advisories/GHSA-r6r4-5pr8-gjcp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21631"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vapor/vapor/commit/6db3d917b5ce5024a84eb265ef65691383305d70"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/vapor/vapor"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Vapor contains an integer overflow in URI leading to potential host spoofing"
}

GHSA-RC26-P9P7-95F8

Vulnerability from github – Published: 2026-04-22 21:32 – Updated: 2026-04-22 21:32
VLAI
Details

Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with template injection present in the same application, these primitives allow attackers to escape the AngularJS sandbox and achieve arbitrary JavaScript execution in operator browser sessions, enabling session hijacking, DOM manipulation, and persistent browser compromise. Network-adjacent attackers can deliver the complete injection and escape chain via MITM in plaintext HTTP deployments without active user interaction.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-41468"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1104"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-22T19:17:08Z",
    "severity": "CRITICAL"
  },
  "details": "Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with template injection present in the same application, these primitives allow attackers to escape the AngularJS sandbox and achieve arbitrary JavaScript execution in operator browser sessions, enabling session hijacking, DOM manipulation, and persistent browser compromise. Network-adjacent attackers can deliver the complete injection and escape chain via MITM in plaintext HTTP deployments without active user interaction.",
  "id": "GHSA-rc26-p9p7-95f8",
  "modified": "2026-04-22T21:32:11Z",
  "published": "2026-04-22T21:32:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41468"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kmkz/Exploits/blob/master/2026/CVE-2026-22191-POC.py"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kmkz/Exploits/blob/master/2026/CVE-2026-22191-SicuroWeb-ATI-chain.txt"
    },
    {
      "type": "WEB",
      "url": "https://www.beghelli.it"
    },
    {
      "type": "WEB",
      "url": "https://www.boffsec-services.com/posts/sicuroweb-cve-2026-22191"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/beghelli-sicuro24-sicuroweb-angularjs-sandbox-escape-via-template-injection"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-VFV3-9W6V-23JP

Vulnerability from github – Published: 2022-09-16 17:13 – Updated: 2022-09-16 17:13
VLAI
Summary
typemap is Unmaintained
Details

The maintainer seems unreachable. The crate may or may not be usable as-is despite no maintenance and may not work in future versions of Rust. The last release seems to have been seven years ago.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "typemap"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-1104"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-16T17:13:21Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "The maintainer seems unreachable. The crate may or may not be usable as-is despite no maintenance and may not work in future versions of Rust. The last release seems to have been seven years ago.",
  "id": "GHSA-vfv3-9w6v-23jp",
  "modified": "2022-09-16T17:13:21Z",
  "published": "2022-09-16T17:13:21Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/reem/rust-typemap/issues/45"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/reem/rust-typemap"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2019-0039.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "typemap is Unmaintained"
}

GHSA-VP5C-23J8-3FH2

Vulnerability from github – Published: 2026-06-27 03:31 – Updated: 2026-07-06 18:30
VLAI
Details

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service.  Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerable third-party components.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-37524"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1104"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-27T02:16:27Z",
    "severity": "HIGH"
  },
  "details": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. \u00a0Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerable third-party components.",
  "id": "GHSA-vp5c-23j8-3fh2",
  "modified": "2026-07-06T18:30:41Z",
  "published": "2026-06-27T03:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37524"
    },
    {
      "type": "WEB",
      "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0131418"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VRWH-33VR-JG7W

Vulnerability from github – Published: 2026-06-26 21:32 – Updated: 2026-06-26 21:32
VLAI
Details

The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious software or an unrecognized application.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-23581"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1104",
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-26T21:16:32Z",
    "severity": "MODERATE"
  },
  "details": "The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious software or an unrecognized application.",
  "id": "GHSA-vrwh-33vr-jg7w",
  "modified": "2026-06-26T21:32:18Z",
  "published": "2026-06-26T21:32:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23581"
    },
    {
      "type": "WEB",
      "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0131417"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.