Common Weakness Enumeration

CWE-252

Allowed

Unchecked Return Value

Abstraction: Base · Status: Draft

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

227 vulnerabilities reference this CWE, most recent first.

GHSA-4X34-CHG5-MWJJ

Vulnerability from github – Published: 2026-07-06 19:27 – Updated: 2026-07-06 19:27
VLAI
Summary
chmod: recursive mode returns exit code 0 even when some files fail (last-file-wins)
Details

In Chmoder::chmod() the recursive branch overwrites the running result instead of accumulating it, so the exit code reflects only the last file processed:

if self.recursive {
    r = self.walk_dir_with_context(file, true);   // overwrites r
} else {
    r = self.chmod_file(file).and(r);
}

PoC: GNU returns 1 when a file fails; uutils returns 0 if the last entry succeeds:

$ chmod -R 0755 chmod-bug/root chmod-bug/user  # GNU -> ret=1
$ uutils chmod -R 0755 chmod-bug/root chmod-bug/user  # -> ret=0

Impact: scripts relying on the exit code get a false success signal while some files retained restrictive/unexpected permissions, leading to access-control misconfigurations. Recommendation: accumulate errors during traversal.

Remediation: Acknowledged by Canonical; fixed in commit abd581f6.


Reported by Zellic in the uutils coreutils Program Security Assessment (prepared for Canonical, Jan 20 2026), audited commit 3a07ffc5a9bd4c283e75afa548ba1f1957bad242. Finding 3.2. Credit: Zellic.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "uu_chmod"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.6.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-35339"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252",
      "CWE-253",
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-06T19:27:41Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "In `Chmoder::chmod()` the recursive branch overwrites the running result instead of accumulating it, so the exit code reflects only the *last* file processed:\n\n```\nif self.recursive {\n    r = self.walk_dir_with_context(file, true);   // overwrites r\n} else {\n    r = self.chmod_file(file).and(r);\n}\n```\n\n**PoC:** GNU returns 1 when a file fails; uutils returns 0 if the last entry succeeds:\n\n```\n$ chmod -R 0755 chmod-bug/root chmod-bug/user  # GNU -\u003e ret=1\n$ uutils chmod -R 0755 chmod-bug/root chmod-bug/user  # -\u003e ret=0\n```\n\n**Impact:** scripts relying on the exit code get a false success signal while some files retained restrictive/unexpected permissions, leading to access-control misconfigurations. Recommendation: accumulate errors during traversal.\n\n**Remediation:** Acknowledged by Canonical; fixed in commit abd581f6.\n\n---\n_Reported by Zellic in the *uutils coreutils Program Security Assessment* (prepared for Canonical, Jan 20 2026), audited commit `3a07ffc5a9bd4c283e75afa548ba1f1957bad242`. Finding 3.2. Credit: Zellic._",
  "id": "GHSA-4x34-chg5-mwjj",
  "modified": "2026-07-06T19:27:41Z",
  "published": "2026-07-06T19:27:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/uutils/coreutils/security/advisories/GHSA-4x34-chg5-mwjj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35339"
    },
    {
      "type": "WEB",
      "url": "https://github.com/uutils/coreutils/pull/9793"
    },
    {
      "type": "WEB",
      "url": "https://github.com/uutils/coreutils/commit/abd581f62e97d0b147306ac40eac13af71c6fbba"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/uutils/coreutils"
    },
    {
      "type": "WEB",
      "url": "https://github.com/uutils/coreutils/releases/tag/0.6.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "chmod: recursive mode returns exit code 0 even when some files fail (last-file-wins)"
}

GHSA-5426-CCH2-9RW5

Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27
VLAI
Details

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-14367"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-19T02:29:00Z",
    "severity": "HIGH"
  },
  "details": "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.",
  "id": "GHSA-5426-cch2-9rw5",
  "modified": "2022-05-13T01:27:51Z",
  "published": "2022-05-13T01:27:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14367"
    },
    {
      "type": "WEB",
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14966"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81ce5fcb3e37a0aaeb7532f7a2a09366f16fa310"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2018-42.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104847"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041608"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5559-MWX3-3R74

Vulnerability from github – Published: 2025-08-19 18:31 – Updated: 2026-01-07 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

iwlwifi: Add missing check for alloc_ordered_workqueue

Add check for the return value of alloc_ordered_workqueue since it may return NULL pointer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38602"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-19T17:15:38Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
  "id": "GHSA-5559-mwx3-3r74",
  "modified": "2026-01-07T21:31:39Z",
  "published": "2025-08-19T18:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38602"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2e9f85ee3b46453a2f250a57d3a9f10c70c71202"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6663c52608d8d8727bf1911e6d9218069ba1c85e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/70a1b527eaea9430b1bd87de59f3b9f6bd225701"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7dd6350307af6521b6240b295c93b7eec4daebe6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/90a0d9f339960448a3acc1437a46730f975efd6a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b398120fbe0acfef60b16f6a0f69902d385d7728"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c0e43c3f6c0a79381b468574c241065998412b7c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c80832d445653baba5ac80cd2c2637c437ac881b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ca980f1911a7144d451d1c31298ab8507c6bd88f"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5C52-PCR5-2P4M

Vulnerability from github – Published: 2025-04-27 03:30 – Updated: 2025-04-27 03:30
VLAI
Details

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-46672"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-27T01:15:44Z",
    "severity": "LOW"
  },
  "details": "NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking.",
  "id": "GHSA-5c52-pcr5-2p4m",
  "modified": "2025-04-27T03:30:22Z",
  "published": "2025-04-27T03:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46672"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/pull/360"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2"
    },
    {
      "type": "WEB",
      "url": "https://securitybynature.fr/post/hacking-cryptolib"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5JVW-5R9C-59Q7

Vulnerability from github – Published: 2022-05-01 02:26 – Updated: 2022-05-01 02:26
VLAI
Details

The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2005-4360"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-12-20T01:03:00Z",
    "severity": "HIGH"
  },
  "details": "The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to \".dll\" followed by arguments such as \"~0\" through \"~9\", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using \"/_vti_bin/.dll/*/~0\".  NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot).",
  "id": "GHSA-5jvw-5r9c-59q7",
  "modified": "2022-05-01T02:26:34Z",
  "published": "2022-05-01T02:26:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-4360"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-041"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1703"
    },
    {
      "type": "WEB",
      "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html"
    },
    {
      "type": "WEB",
      "url": "http://ingehenriksen.blogspot.com/2005/12/microsoft-iis-remote-dos-dll-url.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18106"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/271"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/alerts/2005/Dec/1015376.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/21805"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/419707/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/15921"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-191A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/2963"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-5M9V-M547-62QF

Vulnerability from github – Published: 2026-01-15 00:31 – Updated: 2026-01-15 00:31
VLAI
Details

A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as “On” in the BIOS setup menu. This issue only affects systems where Secure Boot is set to User Mode.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-0421"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-14T23:15:56Z",
    "severity": "HIGH"
  },
  "details": "A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as \u201cOn\u201d in the BIOS setup menu. This issue only affects systems where Secure Boot is set to User Mode.",
  "id": "GHSA-5m9v-m547-62qf",
  "modified": "2026-01-15T00:31:38Z",
  "published": "2026-01-15T00:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0421"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-210688"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-5R46-Q4X7-6FX6

Vulnerability from github – Published: 2022-09-01 00:00 – Updated: 2022-09-08 00:00
VLAI
Details

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-1319"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-31T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.",
  "id": "GHSA-5r46-q4x7-6fx6",
  "modified": "2022-09-08T00:00:33Z",
  "published": "2022-09-01T00:00:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1319"
    },
    {
      "type": "WEB",
      "url": "https://github.com/undertow-io/undertow/commit/1443a1a2bbb8e32e56788109d8285db250d55c8b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/undertow-io/undertow/commit/7c5b3ab885b5638fd3f1e8a935d5063d68aa2df3"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2022-1319"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890"
    },
    {
      "type": "WEB",
      "url": "https://issues.redhat.com/browse/UNDERTOW-2060"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20221014-0006"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-62PG-X942-M53F

Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-05-24 19:12
VLAI
Details

IBM Planning Analytics 2.0 could expose information that could be used to to create attacks by not validating the return values from some methods or functions. IBM X-Force ID: 205529.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-29853"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-01T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM Planning Analytics 2.0 could expose information that could be used to to create attacks by not validating the return values from some methods or functions. IBM X-Force ID: 205529.",
  "id": "GHSA-62pg-x942-m53f",
  "modified": "2022-05-24T19:12:41Z",
  "published": "2022-05-24T19:12:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29853"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/205529"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6480413"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6676-52PP-H5FG

Vulnerability from github – Published: 2022-05-24 17:36 – Updated: 2022-05-24 17:36
VLAI
Details

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and disconnect. As a consequence, the block backend may re-use a pointer after it was freed. A misbehaving guest can trigger a dom0 crash by continuously connecting / disconnecting a block frontend. Privilege escalation and information leaks cannot be ruled out. This only affects systems with a Linux blkback.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-29569"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252",
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-15T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring-\u003exenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and disconnect. As a consequence, the block backend may re-use a pointer after it was freed. A misbehaving guest can trigger a dom0 crash by continuously connecting / disconnecting a block frontend. Privilege escalation and information leaks cannot be ruled out. This only affects systems with a Linux blkback.",
  "id": "GHSA-6676-52pp-h5fg",
  "modified": "2022-05-24T17:36:34Z",
  "published": "2022-05-24T17:36:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29569"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202107-30"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210205-0001"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4843"
    },
    {
      "type": "WEB",
      "url": "https://xenbits.xenproject.org/xsa/advisory-350.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-67XF-XPHQ-9MCC

Vulnerability from github – Published: 2022-08-25 00:00 – Updated: 2025-11-04 00:30
VLAI
Details

A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-4189"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-252"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-24T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.",
  "id": "GHSA-67xf-xphq-9mcc",
  "modified": "2025-11-04T00:30:32Z",
  "published": "2022-08-25T00:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4189"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2021-4189"
    },
    {
      "type": "WEB",
      "url": "https://bugs.python.org/issue43285"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036020"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://python-security.readthedocs.io/vuln/ftplib-pasv.html"
    },
    {
      "type": "WEB",
      "url": "https://security-tracker.debian.org/tracker/CVE-2021-4189"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20221104-0004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-53
Implementation

Check the results of all functions that return a value and verify that the value is expected.

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Implementation

Ensure that you account for all possible return values from the function.

Mitigation
Implementation

When designing a function, make sure you return a value or throw an exception in case of an error.

No CAPEC attack patterns related to this CWE.