CWE-617
AllowedReachable Assertion
Abstraction: Base · Status: Draft
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
989 vulnerabilities reference this CWE, most recent first.
GHSA-R4RF-VX7W-8692
Vulnerability from github – Published: 2022-05-24 17:44 – Updated: 2022-05-24 17:44A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.
{
"affected": [],
"aliases": [
"CVE-2021-20286"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-15T18:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.",
"id": "GHSA-r4rf-vx7w-8692",
"modified": "2022-05-24T17:44:33Z",
"published": "2022-05-24T17:44:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20286"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934727"
},
{
"type": "WEB",
"url": "https://gitlab.com/nbdkit/libnbd/-/commit/fb4440de9cc76e9c14bd3ddf3333e78621f40ad0"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R4WQ-665P-WHRQ
Vulnerability from github – Published: 2025-12-23 00:30 – Updated: 2025-12-23 00:30wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprs_mic_e() located in src/decode_aprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or truncated comment field, the application triggers an unhandled assertion checking for a non-empty comment. This assertion failure causes immediate process termination, allowing a remote, unauthenticated attacker to cause a denial of service by sending malformed APRS traffic.
{
"affected": [],
"aliases": [
"CVE-2025-34458"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-22T22:16:04Z",
"severity": "HIGH"
},
"details": "wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprs_mic_e() located in src/decode_aprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or truncated comment field, the application triggers an unhandled assertion checking for a non-empty comment. This assertion failure causes immediate process termination, allowing a remote, unauthenticated attacker to cause a denial of service by sending malformed APRS traffic.",
"id": "GHSA-r4wq-665p-whrq",
"modified": "2025-12-23T00:30:32Z",
"published": "2025-12-23T00:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34458"
},
{
"type": "WEB",
"url": "https://github.com/wb2osz/direwolf/issues/618"
},
{
"type": "WEB",
"url": "https://github.com/wb2osz/direwolf/commit/3658a87"
},
{
"type": "WEB",
"url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-010-direwolf-stack-buffer-overflow-kiss-frame.md"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/wb2osz-direwolf-reachable-assertion-dos"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R4XC-G4X2-59J9
Vulnerability from github – Published: 2022-01-21 00:00 – Updated: 2022-01-27 00:02There is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op_object_is_fast_array (obj_p)' failed at /jerry-core/ecma/base/ecma-helpers.c in JerryScript 3.0.0.
{
"affected": [],
"aliases": [
"CVE-2021-46342"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-20T22:15:00Z",
"severity": "MODERATE"
},
"details": "There is an Assertion \u0027ecma_is_lexical_environment (obj_p) || !ecma_op_object_is_fast_array (obj_p)\u0027 failed at /jerry-core/ecma/base/ecma-helpers.c in JerryScript 3.0.0.",
"id": "GHSA-r4xc-g4x2-59j9",
"modified": "2022-01-27T00:02:28Z",
"published": "2022-01-21T00:00:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46342"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript/issues/4934"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R622-5GGQ-2MH5
Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-05-24 17:45A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability.
{
"affected": [],
"aliases": [
"CVE-2021-20217"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-25T19:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability.",
"id": "GHSA-r622-5ggq-2mh5",
"modified": "2022-05-24T17:45:22Z",
"published": "2022-05-24T17:45:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20217"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923252"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202107-16"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R6WP-R547-F9GF
Vulnerability from github – Published: 2023-10-13 00:30 – Updated: 2024-04-04 08:36A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS).
Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.
Note: This issue is not noticed when all the devices in the network are Juniper devices.
This issue affects Juniper Networks:
Junos OS:
- All versions prior to 20.4R3-S7;
- 21.2 versions prior to 21.2R3-S5;
- 21.3 versions prior to 21.3R3-S4;
- 21.4 versions prior to 21.4R3-S4;
- 22.1 versions prior to 22.1R3-S4;
- 22.2 versions prior to 22.2R3;
- 22.3 versions prior to 22.3R3;
- 22.4 versions prior to 22.4R3.
Junos OS Evolved:
- All versions prior to 22.3R3-EVO;
- 22.4-EVO versions prior to 22.4R3-EVO;
- 23.2-EVO versions prior to 23.2R1-EVO.
{
"affected": [],
"aliases": [
"CVE-2023-44175"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-12T23:15:11Z",
"severity": "HIGH"
},
"details": "\nA Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS).\n\nContinued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nNote: This issue is not noticed when all the devices in the network are Juniper devices.\n\nThis issue affects Juniper Networks:\n\nJunos OS:\n\n\n\n * All versions prior to 20.4R3-S7;\n * 21.2 versions prior to 21.2R3-S5;\n * 21.3 versions prior to 21.3R3-S4;\n * 21.4 versions prior to 21.4R3-S4;\n * 22.1 versions prior to 22.1R3-S4;\n * 22.2 versions prior to 22.2R3;\n * 22.3 versions prior to 22.3R3;\n * 22.4 versions prior to 22.4R3.\n\n\n\n\nJunos OS Evolved:\n\n\n\n * All versions prior to 22.3R3-EVO;\n * 22.4-EVO versions prior to 22.4R3-EVO;\n * 23.2-EVO versions prior to 23.2R1-EVO.\n\n\n\n\n\n\n",
"id": "GHSA-r6wp-r547-f9gf",
"modified": "2024-04-04T08:36:35Z",
"published": "2023-10-13T00:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44175"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/JSA73141"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R6WW-5963-7R95
Vulnerability from github – Published: 2023-06-09 19:33 – Updated: 2024-02-09 00:34A grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This was due to incorrect logic when handling GOAWAY frames.
The attack is low-effort: it takes very little resources to construct and send the required sequence of frames. The impact on availability is high as the server will crash, dropping all in flight connections and requests.
The issue was discovered by automated fuzz testing and is resolved by fixing the relevant state handling code.
{
"affected": [
{
"package": {
"ecosystem": "SwiftURL",
"name": "github.com/grpc/grpc-swift"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-24777"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": true,
"github_reviewed_at": "2023-06-09T19:33:16Z",
"nvd_published_at": "2022-03-25T17:15:00Z",
"severity": "HIGH"
},
"details": "A grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This was due to incorrect logic when handling `GOAWAY` frames.\n\nThe attack is low-effort: it takes very little resources to construct and send the required sequence of frames. The impact on availability is high as the server will crash, dropping all in flight connections and requests.\n\nThe issue was discovered by automated fuzz testing and is resolved by fixing the relevant state handling code.",
"id": "GHSA-r6ww-5963-7r95",
"modified": "2024-02-09T00:34:17Z",
"published": "2023-06-09T19:33:16Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-r6ww-5963-7r95"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24777"
},
{
"type": "WEB",
"url": "https://github.com/grpc/grpc-swift/commit/858f977f2a51fca2292f384cf7a108dc2e73a3bd"
},
{
"type": "PACKAGE",
"url": "https://github.com/grpc/grpc-swift"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Denial of Service via reachable assertion"
}
GHSA-R6X8-74X9-5MC9
Vulnerability from github – Published: 2025-08-03 03:30 – Updated: 2025-11-03 21:34In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.
{
"affected": [],
"aliases": [
"CVE-2025-54350"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-03T02:15:37Z",
"severity": "LOW"
},
"details": "In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.",
"id": "GHSA-r6x8-74x9-5mc9",
"modified": "2025-11-03T21:34:18Z",
"published": "2025-08-03T03:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54350"
},
{
"type": "WEB",
"url": "https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a"
},
{
"type": "WEB",
"url": "https://github.com/esnet/iperf/releases/tag/3.19.1"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00020.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-R8M3-P659-7PMW
Vulnerability from github – Published: 2022-04-23 00:40 – Updated: 2024-04-03 23:52quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal
{
"affected": [],
"aliases": [
"CVE-2012-5521"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-25T14:15:00Z",
"severity": "MODERATE"
},
"details": "quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal",
"id": "GHSA-r8m3-p659-7pmw",
"modified": "2024-04-03T23:52:17Z",
"published": "2022-04-23T00:40:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5521"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2012-5521"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5521"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80096"
},
{
"type": "WEB",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-5521"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2012/11/13/14"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/56530"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R9F8-GHWP-VF63
Vulnerability from github – Published: 2026-01-06 03:31 – Updated: 2026-01-06 21:30In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01685181; Issue ID: MSV-4760.
{
"affected": [],
"aliases": [
"CVE-2025-20762"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-06T02:15:41Z",
"severity": "HIGH"
},
"details": "In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01685181; Issue ID: MSV-4760.",
"id": "GHSA-r9f8-ghwp-vf63",
"modified": "2026-01-06T21:30:32Z",
"published": "2026-01-06T03:31:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20762"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/January-2026"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RC2P-CR9J-XGQC
Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-05-24 19:04Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
{
"affected": [],
"aliases": [
"CVE-2021-1937"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-09T07:15:00Z",
"severity": "HIGH"
},
"details": "Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wired Infrastructure and Networking",
"id": "GHSA-rc2p-cr9j-xgqc",
"modified": "2022-05-24T19:04:41Z",
"published": "2022-05-24T19:04:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1937"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)
Mitigation
Strategy: Input Validation
Perform input validation on user data.
No CAPEC attack patterns related to this CWE.