Common Weakness Enumeration

CWE-754

Allowed-with-Review

Improper Check for Unusual or Exceptional Conditions

Abstraction: Class · Status: Incomplete

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

905 vulnerabilities reference this CWE, most recent first.

CVE-2019-1849 (GCVE-0-2019-1849)

Vulnerability from cvelistv5 – Published: 2019-05-16 01:20 – Updated: 2024-11-21 19:23
VLAI
Title
Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability
Summary
A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs when the affected software processes specific EVPN routing information. An attacker could exploit this vulnerability by injecting malicious traffic patterns into the targeted EVPN network. A successful exploit could result in a crash of the l2vpn_mgr process on Provider Edge (PE) device members of the same EVPN instance (EVI). On each of the affected devices, a crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that would require manual intervention to restore normal operating conditions.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/108342 vdb-entryx_refsource_BID
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Affected: unspecified , < n/a (custom)
Create a notification for this product.
Date Public
2019-05-15 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.809Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190515 Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-iosxr-evpn-dos"
          },
          {
            "name": "108342",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108342"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1849",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:58:20.968155Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:23:53.261Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs when the affected software processes specific EVPN routing information. An attacker could exploit this vulnerability by injecting malicious traffic patterns into the targeted EVPN network. A successful exploit could result in a crash of the l2vpn_mgr process on Provider Edge (PE) device members of the same EVPN instance (EVI). On each of the affected devices, a crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that would require manual intervention to restore normal operating conditions."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-16T13:06:32.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190515 Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-iosxr-evpn-dos"
        },
        {
          "name": "108342",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108342"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190515-iosxr-evpn-dos",
        "defect": [
          [
            "CSCvk35997"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-15T16:00:00-0700",
          "ID": "CVE-2019-1849",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs when the affected software processes specific EVPN routing information. An attacker could exploit this vulnerability by injecting malicious traffic patterns into the targeted EVPN network. A successful exploit could result in a crash of the l2vpn_mgr process on Provider Edge (PE) device members of the same EVPN instance (EVI). On each of the affected devices, a crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that would require manual intervention to restore normal operating conditions."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190515 Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-iosxr-evpn-dos"
            },
            {
              "name": "108342",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108342"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190515-iosxr-evpn-dos",
          "defect": [
            [
              "CSCvk35997"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1849",
    "datePublished": "2019-05-16T01:20:41.653Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-21T19:23:53.261Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-0068 (GCVE-0-2019-0068)

Vulnerability from cvelistv5 – Published: 2019-10-09 19:26 – Updated: 2024-09-17 04:09
VLAI
Title
Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets
Summary
The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2.
CWE
  • Denial of Service (DoS)
  • CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
URL Tags
https://kb.juniper.net/JSA10968 x_refsource_CONFIRM
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 17.3
Affected: 12.3X48 , < 12.3X48-D90 (custom)
Affected: 15.1X49 , < 15.1X49-D180 (custom)
Affected: 17.4 , < 17.4R2-S5, 17.4R3 (custom)
Affected: 18.1 , < 18.1R3-S6 (custom)
Affected: 18.2 , < 18.2R2-S4, 18.2R3 (custom)
Affected: 18.3 , < 18.3R2-S1, 18.3R3 (custom)
Affected: 18.4 , < 18.4R2 (custom)
Affected: 19.1 , < 19.1R1-S1, 19.1R2 (custom)
Create a notification for this product.
Date Public
2019-10-09 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.434Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10968"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "SRX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "status": "affected",
              "version": "17.3"
            },
            {
              "lessThan": "12.3X48-D90",
              "status": "affected",
              "version": "12.3X48",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1X49-D180",
              "status": "affected",
              "version": "15.1X49",
              "versionType": "custom"
            },
            {
              "lessThan": "17.4R2-S5, 17.4R3",
              "status": "affected",
              "version": "17.4",
              "versionType": "custom"
            },
            {
              "lessThan": "18.1R3-S6",
              "status": "affected",
              "version": "18.1",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2R2-S4, 18.2R3",
              "status": "affected",
              "version": "18.2",
              "versionType": "custom"
            },
            {
              "lessThan": "18.3R2-S1, 18.3R3",
              "status": "affected",
              "version": "18.3",
              "versionType": "custom"
            },
            {
              "lessThan": "18.4R2",
              "status": "affected",
              "version": "18.4",
              "versionType": "custom"
            },
            {
              "lessThan": "19.1R1-S1, 19.1R2",
              "status": "affected",
              "version": "19.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-09T19:26:17.000Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10968"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D90, 15.1X49-D180, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.3R2-S1, 18.3R3, 18.4R2, 19.1R1-S1, 19.1R2, 19.2R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA10968",
        "defect": [
          "1417510"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no available workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.6"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
          "ID": "CVE-2019-0068",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.3X48",
                            "version_value": "12.3X48-D90"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X49",
                            "version_value": "15.1X49-D180"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "=",
                            "version_name": "17.3",
                            "version_value": "17.3"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "17.4",
                            "version_value": "17.4R2-S5, 17.4R3"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.1",
                            "version_value": "18.1R3-S6"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.2",
                            "version_value": "18.2R2-S4, 18.2R3"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.3",
                            "version_value": "18.3R2-S1, 18.3R3"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.4",
                            "version_value": "18.4R2"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "19.1",
                            "version_value": "19.1R1-S1, 19.1R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.6"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service (DoS)"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10968",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10968"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D90, 15.1X49-D180, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.3R2-S1, 18.3R3, 18.4R2, 19.1R1-S1, 19.1R2, 19.2R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA10968",
          "defect": [
            "1417510"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "There are no available workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2019-0068",
    "datePublished": "2019-10-09T19:26:17.903Z",
    "dateReserved": "2018-10-11T00:00:00.000Z",
    "dateUpdated": "2024-09-17T04:09:30.020Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-25007 (GCVE-0-2018-25007)

Vulnerability from cvelistv5 – Published: 2021-04-23 16:05 – Updated: 2024-09-16 18:18
VLAI
Title
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11
Summary
Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 (Vaadin 10.0.0 through 10.0.7, and 11.0.0 through 11.0.2) allows attacker to update element property values via crafted synchronization message.
CWE
  • CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
Impacted products
Vendor Product Version
Vaadin Vaadin Affected: 10.0.0 , < * (custom)
Create a notification for this product.
Vaadin flow-server Affected: 1.0.0 , < * (custom)
Create a notification for this product.
Date Public
2018-11-29 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:26:39.439Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://vaadin.com/security/cve-2018-25007"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vaadin/flow/pull/4774"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Vaadin",
          "vendor": "Vaadin",
          "versions": [
            {
              "changes": [
                {
                  "at": "11.0.0",
                  "status": "affected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "flow-server",
          "vendor": "Vaadin",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-11-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 (Vaadin 10.0.0 through 10.0.7, and 11.0.0 through 11.0.2) allows attacker to update element property values via crafted synchronization message."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-23T16:05:40.000Z",
        "orgId": "9e0f3122-90e9-42d5-93de-8c6b98deef7e",
        "shortName": "Vaadin"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://vaadin.com/security/cve-2018-25007"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vaadin/flow/pull/4774"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "",
          "ASSIGNER": "security@vaadin.com",
          "DATE_PUBLIC": "2018-11-29T09:17:00.000Z",
          "ID": "CVE-2018-25007",
          "STATE": "PUBLIC",
          "TITLE": "Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Vaadin",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "\u003e=",
                            "version_name": "",
                            "version_value": "10.0.0"
                          },
                          {
                            "platform": "",
                            "version_affected": "\u003c=",
                            "version_name": "",
                            "version_value": "10.0.7 +1"
                          },
                          {
                            "platform": "",
                            "version_affected": "\u003e=",
                            "version_name": "",
                            "version_value": "11.0.0"
                          },
                          {
                            "platform": "",
                            "version_affected": "\u003c=",
                            "version_name": "",
                            "version_value": "11.0.2 +1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "flow-server",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "\u003e=",
                            "version_name": "",
                            "version_value": "1.0.0"
                          },
                          {
                            "platform": "",
                            "version_affected": "\u003c=",
                            "version_name": "",
                            "version_value": "1.0.5 +1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Vaadin"
              }
            ]
          }
        },
        "configuration": [],
        "credit": [],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 (Vaadin 10.0.0 through 10.0.7, and 11.0.0 through 11.0.2) allows attacker to update element property values via crafted synchronization message."
            }
          ]
        },
        "exploit": [],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://vaadin.com/security/cve-2018-25007",
              "refsource": "MISC",
              "url": "https://vaadin.com/security/cve-2018-25007"
            },
            {
              "name": "https://github.com/vaadin/flow/pull/4774",
              "refsource": "MISC",
              "url": "https://github.com/vaadin/flow/pull/4774"
            }
          ]
        },
        "solution": [],
        "source": {
          "advisory": "",
          "defect": [],
          "discovery": "INTERNAL"
        },
        "work_around": []
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9e0f3122-90e9-42d5-93de-8c6b98deef7e",
    "assignerShortName": "Vaadin",
    "cveId": "CVE-2018-25007",
    "datePublished": "2021-04-23T16:05:40.338Z",
    "dateReserved": "2021-04-13T00:00:00.000Z",
    "dateUpdated": "2024-09-16T18:18:49.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-7794 (GCVE-0-2018-7794)

Vulnerability from cvelistv5 – Published: 2020-01-06 22:57 – Updated: 2026-05-29 14:05
VLAI
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
Impacted products
Vendor Product Version
Schneider Electric SE Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) Affected: Modicon M580
Affected: Modicon M340
Affected: Modicon Quantum
Affected: Modicon Premium (see security notification for specific versions)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:37:59.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2018-7794",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-29T14:04:08.954870Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-29T14:05:11.611Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580, Modicon M340, Modicon Quantum,  Modicon Premium (see security notification for specific versions)",
          "vendor": "Schneider Electric SE",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580"
            },
            {
              "status": "affected",
              "version": "Modicon M340"
            },
            {
              "status": "affected",
              "version": "Modicon Quantum"
            },
            {
              "status": "affected",
              "version": "Modicon Premium (see security notification for specific versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-06T22:57:09.000Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7794",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580, Modicon M340, Modicon Quantum,  Modicon Premium (see security notification for specific versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580"
                          },
                          {
                            "version_value": "Modicon M340"
                          },
                          {
                            "version_value": "Modicon Quantum"
                          },
                          {
                            "version_value": "Modicon Premium (see security notification for specific versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2018-7794",
    "datePublished": "2020-01-06T22:57:09.000Z",
    "dateReserved": "2018-03-08T00:00:00.000Z",
    "dateUpdated": "2026-05-29T14:05:11.611Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

GHSA-22JR-VC7J-G762

Vulnerability from github – Published: 2020-03-16 22:46 – Updated: 2024-10-21 19:57
VLAI
Summary
Potential buffer overflow in psd-tools
Details

Impact

An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malformed PSD input data during decoding to the PIL.Image or NumPy format, leading to a Buffer Overflow.

Patches

Users of psd-tools version v1.8.37 to v1.9.3 should upgrade to v1.9.4.

Workarounds

Without Cython present on installation, buffer overflow does not occur but IndexError will be thrown. However, already installed psd-tools with Cython extention should be upgraded.

References

https://github.com/psd-tools/psd-tools/pull/198

For more information

If you have any questions or comments about this advisory: * Open an issue in psd-tools

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c 1.9.3"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "psd-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.8.37"
            },
            {
              "fixed": "1.9.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-10571"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-03-16T20:55:37Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "### Impact\nAn issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malformed PSD input data during decoding to the PIL.Image or NumPy format, leading to a Buffer Overflow.\n\n### Patches\nUsers of psd-tools version v1.8.37 to v1.9.3 should upgrade to v1.9.4.\n\n### Workarounds\nWithout Cython present on installation, buffer overflow does not occur but IndexError will be thrown. However, already installed psd-tools with Cython extention should be upgraded.\n\n### References\nhttps://github.com/psd-tools/psd-tools/pull/198\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [psd-tools](https://github.com/psd-tools/psd-tools/issues)",
  "id": "GHSA-22jr-vc7j-g762",
  "modified": "2024-10-21T19:57:21Z",
  "published": "2020-03-16T22:46:19Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/psd-tools/psd-tools/security/advisories/GHSA-22jr-vc7j-g762"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10571"
    },
    {
      "type": "WEB",
      "url": "https://github.com/psd-tools/psd-tools/pull/198"
    },
    {
      "type": "WEB",
      "url": "https://github.com/psd-tools/psd-tools/commit/fd51f8b4a52bc9c1c06d1035dfdf2cd920e87074"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/psd-tools/psd-tools"
    },
    {
      "type": "WEB",
      "url": "https://github.com/psd-tools/psd-tools/releases/tag/v1.9.4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/psd-tools/PYSEC-2020-91.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Potential buffer overflow in psd-tools"
}

GHSA-242F-WGGC-9X23

Vulnerability from github – Published: 2022-04-15 00:00 – Updated: 2022-04-22 00:00
VLAI
Details

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these crafted packets will cause a sustained Denial of Service condition. This issue affects Juniper Networks Junos OS Evolved all versions prior to 20.4R2-S3-EVO on PTX10003, PTX10004, and PTX10008. This issue does not affect: Juniper Networks Junos OS Evolved versions 21.1R1-EVO and above; Juniper Networks Junos OS.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22194"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-14T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these crafted packets will cause a sustained Denial of Service condition. This issue affects Juniper Networks Junos OS Evolved all versions prior to 20.4R2-S3-EVO on PTX10003, PTX10004, and PTX10008. This issue does not affect: Juniper Networks Junos OS Evolved versions 21.1R1-EVO and above; Juniper Networks Junos OS.",
  "id": "GHSA-242f-wggc-9x23",
  "modified": "2022-04-22T00:00:55Z",
  "published": "2022-04-15T00:00:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22194"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA69505"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-24XV-3279-X7HJ

Vulnerability from github – Published: 2022-02-10 00:00 – Updated: 2023-06-26 21:30
VLAI
Details

Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions vulnerability in the ABB SPIET800 and PNI800 module that allows an attacker to cause the denial of service or make the module unresponsive.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22285"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754",
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-04T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions vulnerability in the ABB SPIET800 and PNI800 module that allows an attacker to cause the denial of service or make the module unresponsive.",
  "id": "GHSA-24xv-3279-x7hj",
  "modified": "2023-06-26T21:30:55Z",
  "published": "2022-02-10T00:00:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22285"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA001353\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-25HC-QCG6-38WJ

Vulnerability from github – Published: 2024-06-19 15:04 – Updated: 2024-11-18 16:26
VLAI
Summary
socket.io has an unhandled 'error' event
Details

Impact

A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process.

node:events:502
    throw err; // Unhandled 'error' event
    ^

Error [ERR_UNHANDLED_ERROR]: Unhandled error. (undefined)
    at new NodeError (node:internal/errors:405:5)
    at Socket.emit (node:events:500:17)
    at /myapp/node_modules/socket.io/lib/socket.js:531:14
    at process.processTicksAndRejections (node:internal/process/task_queues:77:11) {
  code: 'ERR_UNHANDLED_ERROR',
  context: undefined
}

Affected versions

Version range Needs minor update?
4.6.2...latest Nothing to do
3.0.0...4.6.1 Please upgrade to socket.io@4.6.2 (at least)
2.3.0...2.5.0 Please upgrade to socket.io@2.5.1

Patches

This issue is fixed by https://github.com/socketio/socket.io/commit/15af22fc22bc6030fcead322c106f07640336115, included in socket.io@4.6.2 (released in May 2023).

The fix was backported in the 2.x branch today: https://github.com/socketio/socket.io/commit/d30630ba10562bf987f4d2b42440fc41a828119c

Workarounds

As a workaround for the affected versions of the socket.io package, you can attach a listener for the "error" event:

io.on("connection", (socket) => {
  socket.on("error", () => {
    // ...
  });
});

For more information

If you have any questions or comments about this advisory:

  • Open a discussion here

Thanks a lot to Paul Taylor for the responsible disclosure.

References

  • https://github.com/socketio/socket.io/commit/15af22fc22bc6030fcead322c106f07640336115
  • https://github.com/socketio/socket.io/commit/d30630ba10562bf987f4d2b42440fc41a828119c
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c 2.5.0"
      },
      "package": {
        "ecosystem": "npm",
        "name": "socket.io"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "socket.io"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "4.6.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-38355"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-754"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-19T15:04:41Z",
    "nvd_published_at": "2024-06-19T20:15:11Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nA specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process.\n\n```\nnode:events:502\n    throw err; // Unhandled \u0027error\u0027 event\n    ^\n\nError [ERR_UNHANDLED_ERROR]: Unhandled error. (undefined)\n    at new NodeError (node:internal/errors:405:5)\n    at Socket.emit (node:events:500:17)\n    at /myapp/node_modules/socket.io/lib/socket.js:531:14\n    at process.processTicksAndRejections (node:internal/process/task_queues:77:11) {\n  code: \u0027ERR_UNHANDLED_ERROR\u0027,\n  context: undefined\n}\n```\n\n### Affected versions\n\n| Version range    | Needs minor update?                            |\n|------------------|------------------------------------------------|\n| `4.6.2...latest` | Nothing to do               |\n| `3.0.0...4.6.1`  | Please upgrade to `socket.io@4.6.2` (at least) |\n| `2.3.0...2.5.0`  | Please upgrade to `socket.io@2.5.1`            |\n\n### Patches\n\nThis issue is fixed by https://github.com/socketio/socket.io/commit/15af22fc22bc6030fcead322c106f07640336115, included in `socket.io@4.6.2` (released in May 2023).\n\nThe fix was backported in the 2.x branch today: https://github.com/socketio/socket.io/commit/d30630ba10562bf987f4d2b42440fc41a828119c\n\n### Workarounds\n\nAs a workaround for the affected versions of the `socket.io` package, you can attach a listener for the \"error\" event:\n\n```js\nio.on(\"connection\", (socket) =\u003e {\n  socket.on(\"error\", () =\u003e {\n    // ...\n  });\n});\n```\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n- Open a discussion [here](https://github.com/socketio/socket.io/discussions)\n\nThanks a lot to [Paul Taylor](https://github.com/Y0ursTruly) for the responsible disclosure.\n\n### References\n\n- https://github.com/socketio/socket.io/commit/15af22fc22bc6030fcead322c106f07640336115\n- https://github.com/socketio/socket.io/commit/d30630ba10562bf987f4d2b42440fc41a828119c\n",
  "id": "GHSA-25hc-qcg6-38wj",
  "modified": "2024-11-18T16:26:46Z",
  "published": "2024-06-19T15:04:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/socketio/socket.io/security/advisories/GHSA-25hc-qcg6-38wj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38355"
    },
    {
      "type": "WEB",
      "url": "https://github.com/socketio/socket.io/commit/15af22fc22bc6030fcead322c106f07640336115"
    },
    {
      "type": "WEB",
      "url": "https://github.com/socketio/socket.io/commit/d30630ba10562bf987f4d2b42440fc41a828119c"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/socketio/socket.io"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "socket.io has an unhandled \u0027error\u0027 event"
}

GHSA-2663-JM96-PP8F

Vulnerability from github – Published: 2024-12-18 21:30 – Updated: 2024-12-18 21:30
VLAI
Details

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-51470"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-18T20:15:23Z",
    "severity": "MODERATE"
  },
  "details": "IBM MQ\u00a09.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance\u00a09.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25\u00a0could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.",
  "id": "GHSA-2663-jm96-pp8f",
  "modified": "2024-12-18T21:30:56Z",
  "published": "2024-12-18T21:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51470"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7177593"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7178085"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7179137"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-26FJ-M6R6-QG3J

Vulnerability from github – Published: 2022-05-24 19:08 – Updated: 2022-05-24 19:08
VLAI
Details

On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition. This BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart. This issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network. Junos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S3;

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-0282"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-15T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition. This BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart. This issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network. Junos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S3;",
  "id": "GHSA-26fj-m6r6-qg3j",
  "modified": "2022-05-24T19:08:07Z",
  "published": "2022-05-24T19:08:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0282"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA11186"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • Choose languages with features such as exception handling that force the programmer to anticipate unusual conditions that may generate exceptions. Custom exceptions may need to be developed to handle unusual business-logic conditions. Be careful not to pass sensitive exceptions back to the user (CWE-209, CWE-248).
Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is expected.

Mitigation
Implementation

If using exception handling, catch and throw specific exceptions instead of overly-general exceptions (CWE-396, CWE-397). Catch and handle exceptions as locally as possible so that exceptions do not propagate too far up the call stack (CWE-705). Avoid unchecked or uncaught exceptions where feasible (CWE-248).

Mitigation MIT-39
Implementation
  • Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
  • If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
  • Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
  • Exposing additional information to a potential attacker in the context of an exceptional condition can help the attacker determine what attack vectors are most likely to succeed beyond DoS.
Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-38
Architecture and Design Implementation

If the program must fail, ensure that it fails gracefully (fails closed). There may be a temptation to simply let the program fail poorly in cases such as low memory conditions, but an attacker may be able to assert control before the software has fully exited. Alternately, an uncontrolled failure could cause cascading problems with other downstream components; for example, the program could send a signal to a downstream process so the process immediately knows that a problem has occurred and has a better chance of recovery.

Mitigation
Architecture and Design

Use system limits, which should help to prevent resource exhaustion. However, the product should still handle low resource conditions since they may still occur.

No CAPEC attack patterns related to this CWE.