Common Weakness Enumeration

CWE-1287

Allowed

Improper Validation of Specified Type of Input

Abstraction: Base · Status: Incomplete

The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

259 vulnerabilities reference this CWE, most recent first.

GHSA-3J9F-7W24-PCQG

Vulnerability from github – Published: 2025-11-24 18:31 – Updated: 2025-12-17 00:39
VLAI
Summary
Free5GC is vulnerable to DoS via the Nudm_SubscriberDataManagement API
Details

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via the Nudm_SubscriberDataManagement API.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/free5gc/udm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/free5gc/openapi"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-60633"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-11-25T21:40:56Z",
    "nvd_published_at": "2025-11-24T16:15:50Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via the Nudm_SubscriberDataManagement API.",
  "id": "GHSA-3j9f-7w24-pcqg",
  "modified": "2025-12-17T00:39:12Z",
  "published": "2025-11-24T18:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60633"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/free5gc/issues/700"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/free5gc/issues/701"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/free5gc/issues/702"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/free5gc/issues/703"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/openapi/pull/65"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/udm/pull/63"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/udm/pull/65"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/udm/pull/66"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/openapi/commit/d50c83e8fe7ebf9a62d9de99517e21a17f627b52"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/udm/commit/57c56a3ad4bc53a62cab259045e78ec9abdb98ca"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/udm/commit/ca9976857909a422dcff5bf2228756fc2bfc80d1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/free5gc/udm/commit/e776c42177817f75e75e7a587c58c2a027beed81"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-3j9f-7w24-pcqg"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/free5gc/pcf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Free5GC is vulnerable to DoS via the Nudm_SubscriberDataManagement API"
}

GHSA-3VFG-JJ7G-VWJ6

Vulnerability from github – Published: 2026-03-22 15:31 – Updated: 2026-03-22 15:31
VLAI
Details

SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 repeated characters into the Name input during registration to trigger an application crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-25596"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-22T14:16:26Z",
    "severity": "MODERATE"
  },
  "details": "SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 repeated characters into the Name input during registration to trigger an application crash.",
  "id": "GHSA-3vfg-jj7g-vwj6",
  "modified": "2026-03-22T15:31:28Z",
  "published": "2026-03-22T15:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25596"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46778"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/spotauditor-name-field-denial-of-service"
    },
    {
      "type": "WEB",
      "url": "http://spotauditor.nsauditor.com/downloads/spotauditor_setup.exe"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-42VC-W257-PP26

Vulnerability from github – Published: 2024-03-18 06:30 – Updated: 2025-03-27 21:31
VLAI
Details

The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47156"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-18T05:15:06Z",
    "severity": "MODERATE"
  },
  "details": "The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.",
  "id": "GHSA-42vc-w257-pp26",
  "modified": "2025-03-27T21:31:03Z",
  "published": "2024-03-18T06:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47156"
    },
    {
      "type": "WEB",
      "url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/Net-IPAddress-Util"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4352-C2M7-MC59

Vulnerability from github – Published: 2025-12-02 03:31 – Updated: 2025-12-02 15:30
VLAI
Details

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20756"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-02T03:16:16Z",
    "severity": "MODERATE"
  },
  "details": "In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643.",
  "id": "GHSA-4352-c2m7-mc59",
  "modified": "2025-12-02T15:30:30Z",
  "published": "2025-12-02T03:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20756"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/December-2025"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4477-RPCX-R84Q

Vulnerability from github – Published: 2024-10-11 18:32 – Updated: 2024-10-11 18:32
VLAI
Details

An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos).

When a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart.

This issue affects Junos OS:

  • 22.1 releases 22.1R1 and later before 22.2R3-S5,
  • 22.3 releases before 22.3R3-S4,
  • 22.4 releases before 22.4R3-S4,
  • 23.2 releases before 23.2R2-S2,
  • 23.4 releases before 23.4R2-S1,
  • 24.2 releases before 24.2R1-S1, 24.2R2.

Please note that the PR does indicate that earlier versions have been fixed as well, but these won't be adversely impacted by this.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-47504"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-11T16:15:11Z",
    "severity": "HIGH"
  },
  "details": "An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos).\n\nWhen a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart.\n\nThis issue affects Junos OS:\n\n  *  22.1 releases 22.1R1 and later before 22.2R3-S5,\n  *  22.3 releases before 22.3R3-S4,\n  *  22.4 releases before 22.4R3-S4,\n  *  23.2 releases before 23.2R2-S2,\n  *  23.4 releases before 23.4R2-S1,\n  *  24.2 releases before 24.2R1-S1, 24.2R2.\n\n\nPlease note that the PR does indicate that earlier versions have been fixed as well, but these won\u0027t be adversely impacted by this.",
  "id": "GHSA-4477-rpcx-r84q",
  "modified": "2024-10-11T18:32:49Z",
  "published": "2024-10-11T18:32:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47504"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA88134"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-45V9-W9FH-33J6

Vulnerability from github – Published: 2025-01-15 18:30 – Updated: 2025-01-17 15:50
VLAI
Summary
Mattermost fails to properly validate post props
Details

Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mattermost/mattermost/server/v8"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.2.0"
            },
            {
              "fixed": "10.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 10.1.3"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mattermost/mattermost/server/v8"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.1.0"
            },
            {
              "fixed": "10.1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 10.0.3"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mattermost/mattermost/server/v8"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 9.11.5"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mattermost/mattermost/server/v8"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.11.0"
            },
            {
              "fixed": "9.11.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mattermost/mattermost/server/v8"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.0.0-20241127161322-25ff7a3779a5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-20088"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-01-15T21:25:35Z",
    "nvd_published_at": "2025-01-15T17:15:19Z",
    "severity": "MODERATE"
  },
  "details": "Mattermost versions 10.2.x \u003c= 10.2.0, 9.11.x \u003c= 9.11.5, 10.0.x \u003c= 10.0.3, 10.1.x \u003c= 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.",
  "id": "GHSA-45v9-w9fh-33j6",
  "modified": "2025-01-17T15:50:37Z",
  "published": "2025-01-15T18:30:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20088"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mattermost/mattermost"
    },
    {
      "type": "WEB",
      "url": "https://mattermost.com/security-updates"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2025-3394"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Mattermost fails to properly validate post props"
}

GHSA-4PR9-79MG-GHJX

Vulnerability from github – Published: 2025-11-11 09:30 – Updated: 2025-11-11 09:30
VLAI
Details

ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-6298"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-11T07:15:35Z",
    "severity": "MODERATE"
  },
  "details": "ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a\u00a0malicious ACAP application.",
  "id": "GHSA-4pr9-79mg-ghjx",
  "modified": "2025-11-11T09:30:30Z",
  "published": "2025-11-11T09:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6298"
    },
    {
      "type": "WEB",
      "url": "https://www.axis.com/dam/public/ef/91/c3/cve-2025-6298pdf-en-US-504215.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4Q8M-H8WC-99Q6

Vulnerability from github – Published: 2024-10-23 18:33 – Updated: 2024-10-23 18:33
VLAI
Details

A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker would need valid remote access VPN user credentials on the affected device.

This vulnerability is due to improper validation of data in HTTPS POST requests. An attacker could exploit this vulnerability by sending a crafted HTTPS POST request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-20408"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-23T18:15:08Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker would need valid remote access VPN user credentials on the affected device.\n\n This vulnerability is due to improper validation of data in HTTPS POST requests. An attacker could exploit this vulnerability by sending a crafted HTTPS POST request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.",
  "id": "GHSA-4q8m-h8wc-99q6",
  "modified": "2024-10-23T18:33:09Z",
  "published": "2024-10-23T18:33:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20408"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dap-dos-bhEkP7n"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4XVM-58X2-M87C

Vulnerability from github – Published: 2024-12-05 15:31 – Updated: 2025-02-27 18:31
VLAI
Details

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.  Affected products:

ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-51551"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287",
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-05T13:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.\u00a0\nAffected products:\n\n\nABB ASPECT - Enterprise v3.07.02; \nNEXUS Series v3.07.02; \nMATRIX Series v3.07.02",
  "id": "GHSA-4xvm-58x2-m87c",
  "modified": "2025-02-27T18:31:05Z",
  "published": "2024-12-05T15:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51551"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-56VM-QXHC-5P2F

Vulnerability from github – Published: 2024-04-07 21:30 – Updated: 2025-11-04 18:30
VLAI
Details

In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-31948"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-07T21:15:07Z",
    "severity": "MODERATE"
  },
  "details": "In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.",
  "id": "GHSA-56vm-qxhc-5p2f",
  "modified": "2025-11-04T18:30:46Z",
  "published": "2024-04-07T21:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31948"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/pull/15628"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/pull/15628/commits/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00007.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

No CAPEC attack patterns related to this CWE.