Common Weakness Enumeration

CWE-665

Discouraged

Improper Initialization

Abstraction: Class · Status: Draft

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

425 vulnerabilities reference this CWE, most recent first.

GHSA-743W-MVM7-47JM

Vulnerability from github – Published: 2023-02-26 15:30 – Updated: 2023-03-07 21:30
VLAI
Details

A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221807.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-1048"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-26T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221807.",
  "id": "GHSA-743w-mvm7-47jm",
  "modified": "2023-03-07T21:30:18Z",
  "published": "2023-02-26T15:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1048"
    },
    {
      "type": "WEB",
      "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1048"
    },
    {
      "type": "WEB",
      "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned5"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.221807"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.221807"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-745P-R637-7VVP

Vulnerability from github – Published: 2022-10-06 20:01 – Updated: 2022-10-06 20:01
VLAI
Summary
Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued
Details

Impact

Setting $secure or $httponly value to true in Config\Cookie is not reflected in set_cookie() or Response::setCookie().

Note This vulnerability does not affect session cookies.

The following code does not issue a cookie with the secure flag even if you set $secure = true in Config\Cookie.

helper('cookie');

$cookie = [
    'name'  => $name,
    'value' => $value,
];
set_cookie($cookie);
// or
$this->response->setCookie($cookie);

Patches

Upgrade to v4.2.7 or later.

Workarounds

  1. Specify the options explicitly. ```php helper('cookie');

$cookie = [ 'name' => $name, 'value' => $value, 'secure' => true, 'httponly' => true, ]; set_cookie($cookie); // or $this->response->setCookie($cookie); 2. Use Cookie object.php use CodeIgniter\Cookie\Cookie;

helper('cookie');

$cookie = new Cookie($name, $value); set_cookie($cookie); // or $this->response->setCookie($cookie); ```

References

  • https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie
  • https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter\HTTP\Response::setCookie

For more information

If you have any questions or comments about this advisory: * Open an issue in codeigniter4/CodeIgniter4 * Email us at SECURITY.md

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "codeigniter4/framework"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.2.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-39284"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665",
      "CWE-732"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-10-06T20:01:41Z",
    "nvd_published_at": "2022-10-06T20:15:00Z",
    "severity": "LOW"
  },
  "details": "### Impact\nSetting `$secure` or `$httponly` value to `true` in `Config\\Cookie` is not reflected in `set_cookie()` or `Response::setCookie()`.\n\n\u003e **Note**\n\u003e This vulnerability does not affect session cookies.\n\nThe following code does not issue a cookie with the secure flag even if you set `$secure = true` in `Config\\Cookie`.\n\n```php\nhelper(\u0027cookie\u0027);\n\n$cookie = [\n    \u0027name\u0027  =\u003e $name,\n    \u0027value\u0027 =\u003e $value,\n];\nset_cookie($cookie);\n// or\n$this-\u003eresponse-\u003esetCookie($cookie);\n```\n\n### Patches\nUpgrade to v4.2.7 or later.\n\n### Workarounds\n1. Specify the options explicitly.\n   ```php\n   helper(\u0027cookie\u0027);\n\n   $cookie = [\n       \u0027name\u0027     =\u003e $name,\n       \u0027value\u0027    =\u003e $value,\n       \u0027secure\u0027   =\u003e true,\n       \u0027httponly\u0027 =\u003e true,\n   ];\n   set_cookie($cookie);\n   // or\n   $this-\u003eresponse-\u003esetCookie($cookie);\n   ```\n2. Use Cookie object.\n   ```php\n   use CodeIgniter\\Cookie\\Cookie;\n\n   helper(\u0027cookie\u0027);\n\n   $cookie = new Cookie($name, $value);\n   set_cookie($cookie);\n   // or\n   $this-\u003eresponse-\u003esetCookie($cookie);\n   ```\n\n### References\n- https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie\n- https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter\\HTTP\\Response::setCookie\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [codeigniter4/CodeIgniter4](https://github.com/codeigniter4/CodeIgniter4/issues)\n* Email us at [SECURITY.md](https://github.com/codeigniter4/CodeIgniter4/blob/develop/SECURITY.md)\n",
  "id": "GHSA-745p-r637-7vvp",
  "modified": "2022-10-06T20:01:41Z",
  "published": "2022-10-06T20:01:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-745p-r637-7vvp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39284"
    },
    {
      "type": "WEB",
      "url": "https://github.com/codeigniter4/CodeIgniter4/issues/6540"
    },
    {
      "type": "WEB",
      "url": "https://github.com/codeigniter4/CodeIgniter4/pull/6544"
    },
    {
      "type": "WEB",
      "url": "https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie"
    },
    {
      "type": "WEB",
      "url": "https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter%5CHTTP%5CResponse::setCookie"
    },
    {
      "type": "WEB",
      "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/codeigniter4/framework/CVE-2022-39284.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/codeigniter4/CodeIgniter4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Codeigniter4\u0027s Secure or HttpOnly flag set in Config\\Cookie is not reflected in Cookies issued"
}

GHSA-759R-C5HW-QM9Q

Vulnerability from github – Published: 2026-03-11 21:31 – Updated: 2026-03-11 21:31
VLAI
Details

A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-0940"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-11T21:16:13Z",
    "severity": "HIGH"
  },
  "details": "A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code.",
  "id": "GHSA-759r-c5hw-qm9q",
  "modified": "2026-03-11T21:31:03Z",
  "published": "2026-03-11T21:31:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0940"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-213040"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-75R2-JHX8-X356

Vulnerability from github – Published: 2022-05-13 01:18 – Updated: 2022-05-13 01:18
VLAI
Details

Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-10115"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-02T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.",
  "id": "GHSA-75r2-jhx8-x356",
  "modified": "2022-05-13T01:18:48Z",
  "published": "2022-05-13T01:18:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10115"
    },
    {
      "type": "WEB",
      "url": "https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution"
    },
    {
      "type": "WEB",
      "url": "https://sourceforge.net/p/sevenzip/discussion/45797/thread/adc65bfa"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104132"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1040832"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-766G-QR22-C7RH

Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-05-24 17:47
VLAI
Details

In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174150451

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-0435"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-13T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174150451",
  "id": "GHSA-766g-qr22-c7rh",
  "modified": "2022-05-24T17:47:12Z",
  "published": "2022-05-24T17:47:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0435"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2021-04-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-7674-FJ4M-C42F

Vulnerability from github – Published: 2024-02-27 12:31 – Updated: 2024-04-10 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

Input: appletouch - initialize work before device registration

Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization.

This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens after input_register_device() call.

So this patch moves dev->work initialization before registering input device

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-46932"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-27T10:15:07Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: appletouch - initialize work before device registration\n\nSyzbot has reported warning in __flush_work(). This warning is caused by\nwork-\u003efunc == NULL, which means missing work initialization.\n\nThis may happen, since input_dev-\u003eclose() calls\ncancel_work_sync(\u0026dev-\u003ework), but dev-\u003ework initalization happens _after_\ninput_register_device() call.\n\nSo this patch moves dev-\u003ework initialization before registering input\ndevice",
  "id": "GHSA-7674-fj4m-c42f",
  "modified": "2024-04-10T18:30:47Z",
  "published": "2024-02-27T12:31:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46932"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-76V6-7M6G-P6V4

Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2025-10-22 00:32
VLAI
Details

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-27950"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-08T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory.",
  "id": "GHSA-76v6-7m6g-p6v4",
  "modified": "2025-10-22T00:32:01Z",
  "published": "2022-05-24T17:35:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27950"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT211928"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT211929"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT211931"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT211940"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT211944"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT211945"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT211946"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT211947"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-27950"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/161296/XNU-Kernel-Mach-Message-Trailers-Memory-Disclosure.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2020/Dec/32"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-788R-RF8C-VGJ3

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31
VLAI
Details

A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied input validation when a custom extension attempts to change a DHCPv6 packet received by the application. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to the application. An exploit could allow the attacker to trigger a restart of the service which, if exploited repeatedly, might lead to a DoS condition. This vulnerability can only be exploited if the administrator of the server has previously installed custom extensions that attempt to modify the packet details before the packet has been processed. Note: Although the CVSS score matches a High SIR, this has been lowered to Medium because this condition will only affect an application that has customer-developed extensions that will attempt to modify packet parameters before the packet has been completely sanitized. If packet modification in a custom extension happens after the packet has been sanitized, the application will not be affected by this vulnerability. Software versions prior to 8.3(7) and 9.1(2) are affected.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-1840"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-18T02:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied input validation when a custom extension attempts to change a DHCPv6 packet received by the application. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to the application. An exploit could allow the attacker to trigger a restart of the service which, if exploited repeatedly, might lead to a DoS condition. This vulnerability can only be exploited if the administrator of the server has previously installed custom extensions that attempt to modify the packet details before the packet has been processed. Note: Although the CVSS score matches a High SIR, this has been lowered to Medium because this condition will only affect an application that has customer-developed extensions that will attempt to modify packet parameters before the packet has been completely sanitized. If packet modification in a custom extension happens after the packet has been sanitized, the application will not be affected by this vulnerability. Software versions prior to 8.3(7) and 9.1(2) are affected.",
  "id": "GHSA-788r-rf8c-vgj3",
  "modified": "2022-05-13T01:31:18Z",
  "published": "2022-05-13T01:31:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1840"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-pnr-dos"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108033"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7899-W6C4-VQC4

Vulnerability from github – Published: 2025-05-05 17:03 – Updated: 2025-05-05 22:06
VLAI
Summary
@misskey-dev/summaly Redirect Filter Bypass
Details

Summary

A logic error in the main summaly function causes the allowRedirects option to never be passed to any plugins, and as a result, isn't enforced.

Details

In the main summaly function, a new scrapingOptions object is created and passed to either the matched plugin, if any, or the default summarize function. The issue here is that the new scrapingOptions object is not provided the allowRedirects property of opts.

PoC

  • Publish a post containing a link to any URL that redirects on Misskey.
  • A preview will be generated for the target of the redirect, despite Misskey passing allowRedirects: false.

Impact

Misskey will follow redirects, despite explicitly requesting not to.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@misskey-dev/summaly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.1"
            },
            {
              "fixed": "5.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-46553"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-601",
      "CWE-665",
      "CWE-669",
      "CWE-693"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-05-05T17:03:20Z",
    "nvd_published_at": "2025-05-05T19:15:56Z",
    "severity": "LOW"
  },
  "details": "### Summary\nA logic error in the main `summaly` function causes the `allowRedirects` option to never be passed to any plugins, and as a result, isn\u0027t enforced.\n\n### Details\nIn the main `summaly` function, a new `scrapingOptions` object is created and passed to either the matched plugin, if any, or the default summarize function. The issue here is that the new `scrapingOptions` object is not provided the `allowRedirects` property of `opts`.\n\n### PoC\n- Publish a post containing a link to any URL that redirects on Misskey.\n- A preview will be generated for the target of the redirect, despite Misskey passing `allowRedirects: false`.\n\n### Impact\nMisskey will follow redirects, despite explicitly requesting not to.",
  "id": "GHSA-7899-w6c4-vqc4",
  "modified": "2025-05-05T22:06:39Z",
  "published": "2025-05-05T17:03:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/misskey-dev/summaly/security/advisories/GHSA-7899-w6c4-vqc4"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46553"
    },
    {
      "type": "WEB",
      "url": "https://github.com/misskey-dev/summaly/commit/45153b4f08a772c395a13f7a25399dd87ed022ed"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/misskey-dev/summaly"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "@misskey-dev/summaly Redirect Filter Bypass"
}

GHSA-7CV2-F4F9-VW96

Vulnerability from github – Published: 2022-05-17 00:56 – Updated: 2025-10-22 03:30
VLAI
Details

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-1675"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-05-16T11:45:00Z",
    "severity": "MODERATE"
  },
  "details": "Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.",
  "id": "GHSA-7cv2-f4f9-vw96",
  "modified": "2025-10-22T03:30:33Z",
  "published": "2022-05-17T00:56:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1675"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=866825"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16976"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-1675"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0820.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0821.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2013/dsa-2699"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:165"
    },
    {
      "type": "WEB",
      "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-47.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/59858"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1822-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1823-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, in Java, if the programmer does not explicitly initialize a variable, then the code could produce a compile-time error (if the variable is local) or automatically initialize the variable to the default value for the variable's type. In Perl, if explicit initialization is not performed, then a default value of undef is assigned, which is interpreted as 0, false, or an equivalent value depending on the context in which the variable is accessed.
Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all your variables and other data stores, either during declaration or just before the first usage.

Mitigation
Implementation

Pay close attention to complex conditionals that affect initialization, since some conditions might not perform the initialization.

Mitigation
Implementation

Avoid race conditions (CWE-362) during initialization routines.

Mitigation
Build and Compilation

Run or compile your product with settings that generate warnings about uninitialized variables or data.

CAPEC-26: Leveraging Race Conditions

The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with their version and cause the system to read the malicious file.

CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.