Common Weakness Enumeration

CWE-115

Allowed

Misinterpretation of Input

Abstraction: Base · Status: Incomplete

The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.

48 vulnerabilities reference this CWE, most recent first.

GHSA-VC49-QC4G-2225

Vulnerability from github – Published: 2024-04-11 09:30 – Updated: 2024-04-11 09:30
VLAI
Details

A firmware bug which may lead to misinterpretation of data in the AMC2-4WCF and AMC2-2WCF allowing an adversary to grant access to the last authorized user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-32228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-115"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-11T09:15:07Z",
    "severity": "MODERATE"
  },
  "details": "A firmware bug which may lead to misinterpretation of data in the AMC2-4WCF and AMC2-2WCF allowing an adversary to grant access to the last authorized user.",
  "id": "GHSA-vc49-qc4g-2225",
  "modified": "2024-04-11T09:30:56Z",
  "published": "2024-04-11T09:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32228"
    },
    {
      "type": "WEB",
      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-391095-BT.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VFFC-QPX3-764C

Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-20 12:32
VLAI
Details

A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The application uses a regular expression to parse user input, which can take polynomial time to match certain crafted inputs. This allows an attacker to send a small malicious payload to the server, causing it to become unresponsive and unable to handle any requests from other users.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-12388"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-115",
      "CWE-1333"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-20T10:15:28Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The application uses a regular expression to parse user input, which can take polynomial time to match certain crafted inputs. This allows an attacker to send a small malicious payload to the server, causing it to become unresponsive and unable to handle any requests from other users.",
  "id": "GHSA-vffc-qpx3-764c",
  "modified": "2025-03-20T12:32:43Z",
  "published": "2025-03-20T12:32:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12388"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/b1c01c94-e477-41db-9d17-601aa25e351c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W6HH-W36C-VXMW

Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-21 03:39
VLAI
Summary
LocalAI Cross-Site Scripting (XSS) vulnerability in its search functionality
Details

mudler/localai version v2.21.1 contains a Cross-Site Scripting (XSS) vulnerability in its search functionality. The vulnerability arises due to improper sanitization of user input, allowing the injection and execution of arbitrary JavaScript code. This can lead to the execution of malicious scripts in the context of the victim's browser, potentially compromising user sessions, stealing session cookies, redirecting users to malicious websites, or manipulating the DOM.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mudler/LocalAI"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.22.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-9900"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-115",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-21T03:39:10Z",
    "nvd_published_at": "2025-03-20T10:15:50Z",
    "severity": "MODERATE"
  },
  "details": "mudler/localai version v2.21.1 contains a Cross-Site Scripting (XSS) vulnerability in its search functionality. The vulnerability arises due to improper sanitization of user input, allowing the injection and execution of arbitrary JavaScript code. This can lead to the execution of malicious scripts in the context of the victim\u0027s browser, potentially compromising user sessions, stealing session cookies, redirecting users to malicious websites, or manipulating the DOM.",
  "id": "GHSA-w6hh-w36c-vxmw",
  "modified": "2025-03-21T03:39:11Z",
  "published": "2025-03-20T12:32:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9900"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mudler/localai/commit/a1634b219a4e52813e70ff07e6376a01449c4515"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mudler/LocalAI"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/b39cd230-db66-471b-89b9-24afaa078e68"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "LocalAI Cross-Site Scripting (XSS) vulnerability in its search functionality"
}

GHSA-WXQ6-7GFP-QPJ4

Vulnerability from github – Published: 2025-06-26 21:31 – Updated: 2025-06-26 21:31
VLAI
Details

Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the ble_process_esp32_msg function. The issue results from misinterpretation of input data. An attacker can leverage this vulnerability to execute AT commands in the context of the device. Was ZDI-CAN-26368.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-5826"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-115"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-25T18:15:23Z",
    "severity": "MODERATE"
  },
  "details": "Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the ble_process_esp32_msg function. The issue results from misinterpretation of input data. An attacker can leverage this vulnerability to execute AT commands in the context of the device. Was ZDI-CAN-26368.",
  "id": "GHSA-wxq6-7gfp-qpj4",
  "modified": "2025-06-26T21:31:13Z",
  "published": "2025-06-26T21:31:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5826"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-345"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X34V-HHV2-P545

Vulnerability from github – Published: 2025-06-06 18:30 – Updated: 2025-06-06 18:30
VLAI
Details

WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this vulnerability.

The specific flaw exists within the handling of command frames received by the MCU. When parsing frames, the process does not properly detect the start of a frame, which can lead to misinterpretation of input. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. Was ZDI-CAN-26501.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-5747"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-115"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-06T16:15:29Z",
    "severity": "HIGH"
  },
  "details": "WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of command frames received by the MCU. When parsing frames, the process does not properly detect the start of a frame, which can lead to misinterpretation of input. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. Was ZDI-CAN-26501.",
  "id": "GHSA-x34v-hhv2-p545",
  "modified": "2025-06-06T18:30:32Z",
  "published": "2025-06-06T18:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5747"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-326"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X8XR-MJ9X-6H7W

Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-18 14:31
VLAI
Summary
Duplicate Advisory: image EXIF Rotation & PNG tRNS Transparency Not Normalized, Causing Mismatch Between Model Input and Expectations
Details

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-8jr5-v98p-w75m. This link is maintained to preserve external references.

Original Description

A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency (tRNS) data, during image processing. When images are converted to RGB, transparency information may be implicitly discarded or remapped, leading to unexpected rendering of transparent pixels and distortion of input content. This can result in the model misinterpreting image content, potentially affecting the integrity of processed data.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "vllm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.11.0"
            },
            {
              "last_affected": "0.23.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-115"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-18T14:31:36Z",
    "nvd_published_at": "2026-06-17T13:20:04Z",
    "severity": "MODERATE"
  },
  "details": "## Duplicate Advisory\n\nThis advisory has been withdrawn because it is a duplicate of\u00a0GHSA-8jr5-v98p-w75m. This link is maintained to preserve external references.\n\n## Original Description\nA flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency (tRNS) data, during image processing. When images are converted to RGB, transparency information may be implicitly discarded or remapped, leading to unexpected rendering of transparent pixels and distortion of input content. This can result in the model misinterpreting image content, potentially affecting the integrity of processed data.",
  "id": "GHSA-x8xr-mj9x-6h7w",
  "modified": "2026-06-18T14:31:36Z",
  "published": "2026-06-17T18:35:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12491"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-12491"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489786"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Duplicate Advisory: image EXIF Rotation \u0026 PNG tRNS Transparency Not Normalized, Causing Mismatch Between Model Input and Expectations",
  "withdrawn": "2026-06-18T14:31:36Z"
}

GHSA-XHQQ-X44F-9FGG

Vulnerability from github – Published: 2022-02-11 23:58 – Updated: 2021-05-21 21:11
VLAI
Summary
Authentication Bypass in github.com/russellhaering/gosaml2
Details

Impact

Given a valid SAML Response, it may be possible for an attacker to mutate the XML document in such a way that gosaml2 will trust a different portion of the document than was signed.

Depending on the implementation of the Service Provider this enables a variety of attacks, including users accessing accounts other than the one to which they authenticated in the Identity Provider, or full authentication bypass.

Patches

Service Providers utilizing gosaml2 should upgrade to v0.6.0 or greater.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/russellhaering/gosaml2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.6.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-29509"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-115"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-21T21:11:37Z",
    "nvd_published_at": "2020-12-14T20:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\nGiven a valid SAML Response, it may be possible for an attacker to mutate the XML document in such a way that gosaml2 will trust a different portion of the document than was signed.\n\nDepending on the implementation of the Service Provider this enables a variety of attacks, including users accessing accounts other than the one to which they authenticated in the Identity Provider, or full authentication bypass.\n\n### Patches\nService Providers utilizing gosaml2 should upgrade to v0.6.0 or greater.",
  "id": "GHSA-xhqq-x44f-9fgg",
  "modified": "2021-05-21T21:11:37Z",
  "published": "2022-02-11T23:58:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/russellhaering/gosaml2/security/advisories/GHSA-xhqq-x44f-9fgg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29509"
    },
    {
      "type": "WEB",
      "url": "https://github.com/russellhaering/gosaml2/commit/42606dafba60c58c458f14f75c4c230459672ab9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2021-0060"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210129-0006"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Authentication Bypass in github.com/russellhaering/gosaml2"
}

GHSA-XXMH-RF63-QWJV

Vulnerability from github – Published: 2025-07-30 16:40 – Updated: 2025-07-31 11:18
VLAI
Summary
GitProxy Backfile Parsing Exploit
Details

Summary

An attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts. By embedding a misleading PACK signature within commit content and carefully constructing the packet structure, the attacker can trick the parser into treating invalid or unintended data as the packfile. Potentially, this would allow bypassing approval or hiding commits.

Details

The affected version of parsePush.ts attempts to locate the Git PACK file by looking for the last occurrence of the string "PACK" in the incoming push payload:

const packStart = buffer.lastIndexOf('PACK');

This assumes that any "PACK" string near the end of the push is the beginning of the actual binary Git packfile. However, Git objects (commits, blobs, etc.) can contain arbitrary content (including the word PACK) in binary or non-compressed blobs.

An attacker could abuse this by: 1. Crafting a custom packfile using low-level Git tools or by manually forging one 2. Placing the string "PACK" inside a commit body or a binary file blob that appears after the real PACK start in the stream.

The parser then ignores the actual push and treats the binary blob/commit body as the PACK file. The actual push contents may violate existing push policies.

PoC

  1. Make a commit on any branch (example: test-branch) containing the string "PACK"
  2. Manually generate a custom packfile with both branches using git pack-objects or a low-level library/custom script: a) Add the string "PACK" after the real packfile's PACK header in the binary stream
  3. Push using a custom client/raw protocol injection

Impact

Attackers with push access can hide commits from scanning/approval and make changes that bypass policies, potentially inserting unwanted/malicious code into a GitProxy protected repository.

The vulnerability impacts all users or organizations relying on GitProxy to enforce policies and prevent unapproved changes. It requires no elevated privileges beyond regular push access, and no extra user interaction, however, it does require a considerable amount of technical skill and intentional effort to accomplish.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.19.1"
      },
      "package": {
        "ecosystem": "npm",
        "name": "@finos/git-proxy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.19.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-54584"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-115"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-30T16:40:07Z",
    "nvd_published_at": "2025-07-30T20:15:38Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nAn attacker can craft a malicious Git packfile to exploit the PACK signature detection in the `parsePush.ts`. By embedding a misleading PACK signature within commit content and carefully constructing the packet structure, the attacker can trick the parser into treating invalid or unintended data as the packfile. Potentially, this would allow bypassing approval or hiding commits.\n\n### Details\nThe affected version of `parsePush.ts` attempts to locate the Git PACK file by looking for the last occurrence of the string \"PACK\" in the incoming push payload:\n\n```ts\nconst packStart = buffer.lastIndexOf(\u0027PACK\u0027);\n```\n\nThis assumes that any \"PACK\" string near the end of the push is the beginning of the actual binary Git packfile. However, Git objects (commits, blobs, etc.) can contain arbitrary content (including the word PACK) in binary or non-compressed blobs.\n\nAn attacker could abuse this by:\n1. Crafting a custom packfile using low-level Git tools or by manually forging one\n2. Placing the string \"PACK\" inside a commit body or a binary file blob that appears after the real PACK start in the stream.\n\nThe parser then ignores the actual push and treats the binary blob/commit body as the PACK file. The actual push contents may violate existing push policies.\n\n### PoC\n\n1. Make a commit on any branch (example: `test-branch`) containing the string \"PACK\"\n2. Manually generate a custom packfile with both branches using `git pack-objects` or a low-level library/custom script:\n  a) Add the string \"PACK\" after the real packfile\u0027s PACK header in the binary stream\n3. Push using a custom client/raw protocol injection\n\n### Impact\n\nAttackers with push access can hide commits from scanning/approval and make changes that bypass policies, potentially inserting unwanted/malicious code into a GitProxy protected repository.\n\nThe vulnerability impacts all users or organizations relying on GitProxy to enforce policies and prevent unapproved changes. It requires no elevated privileges beyond regular push access, and no extra user interaction, however, it does require a considerable amount of technical skill and intentional effort to accomplish.",
  "id": "GHSA-xxmh-rf63-qwjv",
  "modified": "2025-07-31T11:18:40Z",
  "published": "2025-07-30T16:40:07Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/finos/git-proxy/security/advisories/GHSA-xxmh-rf63-qwjv"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54584"
    },
    {
      "type": "WEB",
      "url": "https://github.com/finos/git-proxy/commit/333c98a165a5a1ec88414db3d4a2c6f81e083e0f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/finos/git-proxy"
    },
    {
      "type": "WEB",
      "url": "https://github.com/finos/git-proxy/releases/tag/v1.19.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "GitProxy Backfile Parsing Exploit"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.