Common Weakness Enumeration

CWE-617

Allowed

Reachable Assertion

Abstraction: Base · Status: Draft

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

990 vulnerabilities reference this CWE, most recent first.

GHSA-G39R-297W-VH94

Vulnerability from github – Published: 2025-07-12 21:30 – Updated: 2025-07-12 21:30
VLAI
Details

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_recv_handler/s1ap_recv_handler/recv_handler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached locally. The patch is named cfa44575020f3fb045fd971358442053c8684d3d. It is recommended to apply a patch to fix this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-7485"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-12T19:15:25Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_recv_handler/s1ap_recv_handler/recv_handler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached locally. The patch is named cfa44575020f3fb045fd971358442053c8684d3d. It is recommended to apply a patch to fix this issue.",
  "id": "GHSA-g39r-297w-vh94",
  "modified": "2025-07-12T21:30:20Z",
  "published": "2025-07-12T21:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7485"
    },
    {
      "type": "WEB",
      "url": "https://github.com/open5gs/open5gs/issues/3878"
    },
    {
      "type": "WEB",
      "url": "https://github.com/open5gs/open5gs/issues/3878#issuecomment-2853775136"
    },
    {
      "type": "WEB",
      "url": "https://github.com/open5gs/open5gs/commit/cfa44575020f3fb045fd971358442053c8684d3d"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.316135"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.316135"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.610601"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-G468-QJ8G-VCJC

Vulnerability from github – Published: 2022-09-16 21:22 – Updated: 2022-09-16 21:22
VLAI
Summary
TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs`
Details

Impact

When tensorflow::full_type::SubstituteFromAttrs receives a FullTypeDef& t that is not exactly three args, it triggers a CHECK-fail instead of returning a status.

Status SubstituteForEach(AttrMap& attrs, FullTypeDef& t) {
  DCHECK_EQ(t.args_size(), 3);

  const auto& cont = t.args(0);
  const auto& tmpl = t.args(1);
  const auto& t_var = t.args(2);

Patches

We have patched the issue in GitHub commit 6104f0d4091c260ce9352f9155f7e9b725eab012. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.7.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.8.0"
            },
            {
              "fixed": "2.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.7.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.8.0"
            },
            {
              "fixed": "2.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.7.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.8.0"
            },
            {
              "fixed": "2.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-36016"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-16T21:22:51Z",
    "nvd_published_at": "2022-09-16T23:15:00Z",
    "severity": "LOW"
  },
  "details": "### Impact\nWhen [`tensorflow::full_type::SubstituteFromAttrs`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ops/math_ops.cc) receives a `FullTypeDef\u0026 t` that is not exactly three args, it triggers a `CHECK`-fail instead of returning a status.\n```cpp\nStatus SubstituteForEach(AttrMap\u0026 attrs, FullTypeDef\u0026 t) {\n  DCHECK_EQ(t.args_size(), 3);\n\n  const auto\u0026 cont = t.args(0);\n  const auto\u0026 tmpl = t.args(1);\n  const auto\u0026 t_var = t.args(2);\n```\n\n### Patches\nWe have patched the issue in GitHub commit [6104f0d4091c260ce9352f9155f7e9b725eab012](https://github.com/tensorflow/tensorflow/commit/6104f0d4091c260ce9352f9155f7e9b725eab012).\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n",
  "id": "GHSA-g468-qj8g-vcjc",
  "modified": "2022-09-16T21:22:51Z",
  "published": "2022-09-16T21:22:51Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g468-qj8g-vcjc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36016"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/6104f0d4091c260ce9352f9155f7e9b725eab012"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ops/math_ops.cc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs`"
}

GHSA-G4F2-XV55-369R

Vulnerability from github – Published: 2022-05-13 01:11 – Updated: 2025-04-20 03:34
VLAI
Details

The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-9399"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-23T18:59:00Z",
    "severity": "HIGH"
  },
  "details": "The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.",
  "id": "GHSA-g4f2-xv55-369r",
  "modified": "2025-04-20T03:34:44Z",
  "published": "2022-05-13T01:11:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9399"
    },
    {
      "type": "WEB",
      "url": "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396981"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/11/17/1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94380"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G4P6-4X9W-QFQ5

Vulnerability from github – Published: 2026-05-06 12:30 – Updated: 2026-05-08 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

hfs: Replace BUG_ON with error handling for CNID count checks

In a06ec283e125 next_id, folder_count, and file_count in the super block info were expanded to 64 bits, and BUG_ONs were added to detect overflow. This triggered an error reported by syzbot: if the MDB is corrupted, the BUG_ON is triggered. This patch replaces this mechanism with proper error handling and resolves the syzbot reported bug.

Singed-off-by: Jori Koolstra jkoolstra@xs4all.nl

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-43228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-06T12:16:42Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfs: Replace BUG_ON with error handling for CNID count checks\n\nIn a06ec283e125 next_id, folder_count, and file_count in the super block\ninfo were expanded to 64 bits, and BUG_ONs were added to detect\noverflow. This triggered an error reported by syzbot: if the MDB is\ncorrupted, the BUG_ON is triggered. This patch replaces this mechanism\nwith proper error handling and resolves the syzbot reported bug.\n\nSinged-off-by: Jori Koolstra \u003cjkoolstra@xs4all.nl\u003e",
  "id": "GHSA-g4p6-4x9w-qfq5",
  "modified": "2026-05-08T21:31:20Z",
  "published": "2026-05-06T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43228"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b226804532a875c10276168dc55ce752944096bd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b6536c1ced315fa645576d3a39c6e07f2a472962"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G5XC-QG6M-R9G9

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2025-04-20 03:35
VLAI
Details

aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-7605"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-09T14:59:00Z",
    "severity": "HIGH"
  },
  "details": "aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.",
  "id": "GHSA-g5xc-qg6m-r9g9",
  "modified": "2025-04-20T03:35:38Z",
  "published": "2022-05-13T01:47:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7605"
    },
    {
      "type": "WEB",
      "url": "https://blogs.gentoo.org/ago/2017/04/01/libaacplus-signed-integer-overflow-left-shift-and-assertion-failure"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202209-13"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G6Q3-CX7M-9H85

Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2025-04-20 03:33
VLAI
Details

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-5981"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-01T15:59:00Z",
    "severity": "MODERATE"
  },
  "details": "seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file.",
  "id": "GHSA-g6q3-cx7m-9h85",
  "modified": "2025-04-20T03:33:29Z",
  "published": "2022-05-13T01:46:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5981"
    },
    {
      "type": "WEB",
      "url": "https://blogs.gentoo.org/ago/2017/02/09/zziplib-assertion-failure-in-seeko-c"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-3878"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96268"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G75Q-8Q7J-GGF3

Vulnerability from github – Published: 2025-12-25 06:30 – Updated: 2025-12-25 06:30
VLAI
Details

Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-66379"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-25T05:16:09Z",
    "severity": "HIGH"
  },
  "details": "Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service.",
  "id": "GHSA-g75q-8q7j-ggf3",
  "modified": "2025-12-25T06:30:26Z",
  "published": "2025-12-25T06:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66379"
    },
    {
      "type": "WEB",
      "url": "https://docs.pexip.com/admin/security_bulletins.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G79P-2GXH-GX42

Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2022-01-14 00:02
VLAI
Details

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-46054"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-10T14:11:00Z",
    "severity": "MODERATE"
  },
  "details": "A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).",
  "id": "GHSA-g79p-2gxh-gx42",
  "modified": "2022-01-14T00:02:38Z",
  "published": "2022-01-11T00:01:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46054"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WebAssembly/binaryen/issues/4410"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-G7C4-WV7Q-GCC6

Vulnerability from github – Published: 2026-03-30 18:31 – Updated: 2026-07-14 15:31
VLAI
Details

The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application.

This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4046"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-30T18:16:19Z",
    "severity": "HIGH"
  },
  "details": "The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application.\n\n\n\nThis vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.",
  "id": "GHSA-g7c4-wv7q-gcc6",
  "modified": "2026-07-14T15:31:44Z",
  "published": "2026-03-30T18:31:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4046"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
    },
    {
      "type": "WEB",
      "url": "https://inbox.sourceware.org/libc-announce/76814edf-cf7f-47ec-979d-2dce0a2c76bf@gotplt.org/T/#u"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33980"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G854-FC3P-GQ33

Vulnerability from github – Published: 2022-05-24 17:27 – Updated: 2022-05-24 17:27
VLAI
Details

An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-6097"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-09-10T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability.",
  "id": "GHSA-g854-fc3p-gq33",
  "modified": "2022-05-24T17:27:51Z",
  "published": "2022-05-24T17:27:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6097"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00014.html"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1029"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00058.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)

Mitigation
Implementation

Strategy: Input Validation

Perform input validation on user data.

No CAPEC attack patterns related to this CWE.