CWE-241
AllowedImproper Handling of Unexpected Data Type
Abstraction: Base · Status: Draft
The product does not handle or incorrectly handles when a particular element is not the expected type, e.g. it expects a digit (0-9) but is provided with a letter (A-Z).
55 vulnerabilities reference this CWE, most recent first.
GHSA-W5FC-GJ3H-26RX
Vulnerability from github – Published: 2024-07-10 06:33 – Updated: 2024-07-11 17:25All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpected input types to the channels property of the Speaker object makes it possible to reach an assert macro. Exploiting this vulnerability can lead to a process crash.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "speaker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.5.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-21526"
],
"database_specific": {
"cwe_ids": [
"CWE-241",
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2024-07-10T21:38:31Z",
"nvd_published_at": "2024-07-10T05:15:11Z",
"severity": "HIGH"
},
"details": "All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpected input types to the channels property of the Speaker object makes it possible to reach an assert macro. Exploiting this vulnerability can lead to a process crash.",
"id": "GHSA-w5fc-gj3h-26rx",
"modified": "2024-07-11T17:25:31Z",
"published": "2024-07-10T06:33:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21526"
},
{
"type": "PACKAGE",
"url": "https://github.com/TooTallNate/node-speaker"
},
{
"type": "WEB",
"url": "https://github.com/TooTallNate/node-speaker/blob/316afff5a393fce438cf7296011fcfc6e12aa9dc/src/binding.c#L48"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-JS-SPEAKER-6370676"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "speaker vulnerable to Denial of Service"
}
GHSA-W5GP-J3P5-92CH
Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2024-11-26 18:38Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.
{
"affected": [],
"aliases": [
"CVE-2021-40116"
],
"database_specific": {
"cwe_ids": [
"CWE-241"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-27T19:15:00Z",
"severity": "HIGH"
},
"details": "Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.",
"id": "GHSA-w5gp-j3p5-92ch",
"modified": "2024-11-26T18:38:41Z",
"published": "2022-05-24T19:18:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40116"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X32H-738M-J8GR
Vulnerability from github – Published: 2025-02-06 21:32 – Updated: 2026-02-24 15:30Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer via IPP (Internet Printing Protocol).
{
"affected": [],
"aliases": [
"CVE-2025-1004"
],
"database_specific": {
"cwe_ids": [
"CWE-241"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-06T21:15:22Z",
"severity": "MODERATE"
},
"details": "Certain HP LaserJet Pro printers may potentially\nexperience a denial of service when a user sends a raw JPEG file to the printer\nvia IPP (Internet Printing Protocol).",
"id": "GHSA-x32h-738m-j8gr",
"modified": "2026-02-24T15:30:27Z",
"published": "2025-02-06T21:32:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1004"
},
{
"type": "WEB",
"url": "https://support.hp.com/au-en/document/ish_11927586-11927615-16/hpsbpi03998"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-X6W7-M2CM-96C3
Vulnerability from github – Published: 2025-09-24 00:30 – Updated: 2025-09-24 00:30Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service.
{
"affected": [],
"aliases": [
"CVE-2024-21927"
],
"database_specific": {
"cwe_ids": [
"CWE-241"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-23T22:15:33Z",
"severity": "MODERATE"
},
"details": "Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish\u00ae API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service.",
"id": "GHSA-x6w7-m2cm-96c3",
"modified": "2025-09-24T00:30:41Z",
"published": "2025-09-24T00:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21927"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6016.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-XH29-R2W5-WX8M
Vulnerability from github – Published: 2022-05-23 23:15 – Updated: 2025-05-27 14:51Summary
Nokogiri < v1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers. For CRuby users, this may allow specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory.
Severity
The Nokogiri maintainers have evaluated this as High 8.2 (CVSS3.1).
Mitigation
CRuby users should upgrade to Nokogiri >= 1.13.6.
JRuby users are not affected.
Workarounds
To avoid this vulnerability in affected applications, ensure the untrusted input is a String by calling #to_s or equivalent.
Credit
This vulnerability was responsibly reported by @agustingianni and the Github Security Lab.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "nokogiri"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.13.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-29181"
],
"database_specific": {
"cwe_ids": [
"CWE-241",
"CWE-843"
],
"github_reviewed": true,
"github_reviewed_at": "2022-05-23T23:15:15Z",
"nvd_published_at": "2022-05-20T19:15:00Z",
"severity": "HIGH"
},
"details": "### Summary\n\nNokogiri `\u003c v1.13.6` does not type-check all inputs into the XML and HTML4 SAX parsers. For CRuby users, this may allow specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory.\n\n### Severity\n\nThe Nokogiri maintainers have evaluated this as **High 8.2** (CVSS3.1).\n\n\n### Mitigation\n\nCRuby users should upgrade to Nokogiri `\u003e= 1.13.6`.\n\nJRuby users are not affected.\n\n\n### Workarounds\n\nTo avoid this vulnerability in affected applications, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.\n\n\n### Credit\n\nThis vulnerability was responsibly reported by @agustingianni and the Github Security Lab.",
"id": "GHSA-xh29-r2w5-wx8m",
"modified": "2025-05-27T14:51:05Z",
"published": "2022-05-23T23:15:15Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29181"
},
{
"type": "WEB",
"url": "https://github.com/sparklemotion/nokogiri/commit/83cc451c3f29df397caa890afc3b714eae6ab8f7"
},
{
"type": "WEB",
"url": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2022-29181.yml"
},
{
"type": "PACKAGE",
"url": "https://github.com/sparklemotion/nokogiri"
},
{
"type": "WEB",
"url": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-29"
},
{
"type": "ADVISORY",
"url": "https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213532"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Dec/23"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Nokogiri Improperly Handles Unexpected Data Type"
}
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-20
Strategy: Input Validation
Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
CAPEC-48: Passing Local Filenames to Functions That Expect a URL
This attack relies on client side code to access local files and resources instead of URLs. When the client browser is expecting a URL string, but instead receives a request for a local file, that execution is likely to occur in the browser process space with the browser's authority to local files. The attacker can send the results of this request to the local files out to a site that they control. This attack may be used to steal sensitive authentication data (either local or remote), or to gain system profile information to launch further attacks.