CWE-755
DiscouragedImproper Handling of Exceptional Conditions
Abstraction: Class · Status: Incomplete
The product does not handle or incorrectly handles an exceptional condition.
686 vulnerabilities reference this CWE, most recent first.
GHSA-3M2Q-3QHR-66RQ
Vulnerability from github – Published: 2023-02-06 21:30 – Updated: 2023-02-14 03:30In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
{
"affected": [],
"aliases": [
"CVE-2022-32655"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-06T20:15:00Z",
"severity": "MODERATE"
},
"details": "In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.",
"id": "GHSA-3m2q-3qhr-66rq",
"modified": "2023-02-14T03:30:21Z",
"published": "2023-02-06T21:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32655"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3MCC-2CG8-VVJX
Vulnerability from github – Published: 2022-05-01 07:25 – Updated: 2025-04-09 03:31pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.
{
"affected": [],
"aliases": [
"CVE-2006-5170"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2006-10-10T04:06:00Z",
"severity": "HIGH"
},
"details": "pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.",
"id": "GHSA-3mcc-2cg8-vvjx",
"modified": "2025-04-09T03:31:56Z",
"published": "2022-05-01T07:25:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5170"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207286"
},
{
"type": "WEB",
"url": "https://issues.rpath.com/browse/RPL-680"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10418"
},
{
"type": "WEB",
"url": "http://bugzilla.padl.com/show_bug.cgi?id=291"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0719.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/22682"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/22685"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/22694"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/22696"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/22869"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23132"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/23428"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200612-19.xml"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1017153"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2006/dsa-1203"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:201"
},
{
"type": "WEB",
"url": "http://www.novell.com/linux/security/advisories/2006_27_sr.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/447859/100/200/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/20880"
},
{
"type": "WEB",
"url": "http://www.trustix.org/errata/2006/0061"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2006/4319"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-3MFM-PFV2-VMRP
Vulnerability from github – Published: 2022-10-01 00:00 – Updated: 2022-10-06 00:00A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.
{
"affected": [],
"aliases": [
"CVE-2022-20919"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-248",
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-30T19:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.",
"id": "GHSA-3mfm-pfv2-vmrp",
"modified": "2022-10-06T00:00:55Z",
"published": "2022-10-01T00:00:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20919"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3P4F-G732-2RG3
Vulnerability from github – Published: 2025-10-14 12:31 – Updated: 2025-10-14 12:31A security issue exists within the Studio 5000 Logix Designer add-on profile (AOP) for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model (COM) methods.
{
"affected": [],
"aliases": [
"CVE-2025-9437"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T12:15:34Z",
"severity": "HIGH"
},
"details": "A security issue exists within the Studio 5000 Logix Designer add-on profile (AOP) for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model (COM) methods.",
"id": "GHSA-3p4f-g732-2rg3",
"modified": "2025-10-14T12:31:31Z",
"published": "2025-10-14T12:31:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9437"
},
{
"type": "WEB",
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1751.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-3Q28-9X2C-2FCM
Vulnerability from github – Published: 2022-05-04 00:00 – Updated: 2022-05-11 00:01In aee driver, there is a possible reference count mistake due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06209201.
{
"affected": [],
"aliases": [
"CVE-2022-20088"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-03T20:15:00Z",
"severity": "HIGH"
},
"details": "In aee driver, there is a possible reference count mistake due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06209201.",
"id": "GHSA-3q28-9x2c-2fcm",
"modified": "2022-05-11T00:01:43Z",
"published": "2022-05-04T00:00:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20088"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/May-2022"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3QR5-X56V-H6M5
Vulnerability from github – Published: 2022-05-13 01:40 – Updated: 2022-05-13 01:40An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32749036. References: QC-CR#1098602.
{
"affected": [],
"aliases": [
"CVE-2017-0622"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-05-12T15:29:00Z",
"severity": "HIGH"
},
"details": "An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32749036. References: QC-CR#1098602.",
"id": "GHSA-3qr5-x56v-h6m5",
"modified": "2022-05-13T01:40:21Z",
"published": "2022-05-13T01:40:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0622"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98198"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3R4R-FFRP-777W
Vulnerability from github – Published: 2024-01-12 03:30 – Updated: 2024-01-12 03:30An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap BGP sessions and cause the routing protocol daemon (rpd) process to crash and restart, leading to a Denial of Service (DoS) condition. Continued BGP session flapping will create a sustained Denial of Service (DoS) condition.
This issue only affects routers configured with non-stop routing (NSR) enabled. Graceful Restart (GR) helper mode, enabled by default, is also required for this issue to be exploitable.
When the BGP session flaps on the NSR-enabled router, the device enters GR-helper/LLGR-helper mode due to the peer having negotiated GR/LLGR-restarter capability and the backup BGP requests for replication of the GR/LLGR-helper session, master BGP schedules, and initiates replication of GR/LLGR stale routes to the backup BGP. In this state, if the BGP session with the BGP peer comes up again, unsolicited replication is initiated for the peer without cleaning up the ongoing GR/LLGR-helper mode replication. This parallel two instances of replication for the same peer leads to the assert if the BGP session flaps again.
This issue affects:
Juniper Networks Junos OS
- All versions earlier than 20.4R3-S9;
- 21.2 versions earlier than 21.2R3-S7;
- 21.3 versions earlier than 21.3R3-S5;
- 21.4 versions earlier than 21.4R3-S5;
- 22.1 versions earlier than 22.1R3-S4;
- 22.2 versions earlier than 22.2R3-S3;
- 22.3 versions earlier than 22.3R3-S1;
- 22.4 versions earlier than 22.4R2-S2, 22.4R3;
- 23.2 versions earlier than 23.2R1-S1, 23.2R2.
Juniper Networks Junos OS Evolved
- All versions earlier than 21.3R3-S5-EVO;
- 21.4 versions earlier than 21.4R3-S5-EVO;
- 22.1 versions earlier than 22.1R3-S4-EVO;
- 22.2 versions earlier than 22.2R3-S3-EVO;
- 22.3 versions earlier than 22.3R3-S1-EVO;
- 22.4 versions earlier than 22.4R2-S2-EVO, 22.4R3-EVO;
- 23.2 versions earlier than 23.2R1-S1-EVO, 23.2R2-EVO.
{
"affected": [],
"aliases": [
"CVE-2024-21585"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-12T01:15:46Z",
"severity": "MODERATE"
},
"details": "\nAn Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker\u0027s control, to flap BGP sessions and cause the routing protocol daemon (rpd) process to crash and restart, leading to a Denial of Service (DoS) condition. Continued BGP session flapping will create a sustained Denial of Service (DoS) condition.\n\nThis issue only affects routers configured with non-stop routing (NSR) enabled. Graceful Restart (GR) helper mode, enabled by default, is also required for this issue to be exploitable.\n\nWhen the BGP session flaps on the NSR-enabled router, the device enters GR-helper/LLGR-helper mode due to the peer having negotiated GR/LLGR-restarter capability and the backup BGP requests for replication of the GR/LLGR-helper session, master BGP schedules, and initiates replication of GR/LLGR stale routes to the backup BGP. In this state, if the BGP session with the BGP peer comes up again, unsolicited replication is initiated for the peer without cleaning up the ongoing GR/LLGR-helper mode replication. This parallel two instances of replication for the same peer leads to the assert if the BGP session flaps again.\n\nThis issue affects:\n\nJuniper Networks Junos OS\n\n\n\n * All versions earlier than 20.4R3-S9;\n * 21.2 versions earlier than 21.2R3-S7;\n * 21.3 versions earlier than 21.3R3-S5;\n * 21.4 versions earlier than 21.4R3-S5;\n * 22.1 versions earlier than 22.1R3-S4;\n * 22.2 versions earlier than 22.2R3-S3;\n * 22.3 versions earlier than 22.3R3-S1;\n * 22.4 versions earlier than 22.4R2-S2, 22.4R3;\n * 23.2 versions earlier than 23.2R1-S1, 23.2R2.\n\n\n\n\nJuniper Networks Junos OS Evolved\n\n\n\n * All versions earlier than 21.3R3-S5-EVO;\n * 21.4 versions earlier than 21.4R3-S5-EVO;\n * 22.1 versions earlier than 22.1R3-S4-EVO;\n * 22.2 versions earlier than 22.2R3-S3-EVO;\n * 22.3 versions earlier than 22.3R3-S1-EVO;\n * 22.4 versions earlier than 22.4R2-S2-EVO, 22.4R3-EVO;\n * 23.2 versions earlier than 23.2R1-S1-EVO, 23.2R2-EVO.\n\n\n\n\n\n\n",
"id": "GHSA-3r4r-ffrp-777w",
"modified": "2024-01-12T03:30:48Z",
"published": "2024-01-12T03:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21585"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/JSA75723"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/s/article/MX-GR-and-LLGR-capability-and-compatibility-changes-after-15-1-release"
},
{
"type": "WEB",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3RQR-2PP7-2956
Vulnerability from github – Published: 2022-05-24 17:17 – Updated: 2022-11-15 12:00The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
{
"affected": [],
"aliases": [
"CVE-2020-12888"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-05-15T18:15:00Z",
"severity": "MODERATE"
},
"details": "The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.",
"id": "GHSA-3rqr-2pp7-2956",
"modified": "2022-11-15T12:00:18Z",
"published": "2022-05-24T17:17:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12888"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBEHRQQZTKJTPQFPY3JAO7MQ4JAFEQNW"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXGMJHWTMQI34NJZ4BHL3ZVF264AWBF2"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/kvm/158871401328.15589.17598154478222071285.stgit@gimli.home"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/kvm/158871570274.15589.10563806532874116326.stgit@gimli.home"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200608-0001"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4525-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4526-1"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/05/19/6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3VM2-3VF9-9J39
Vulnerability from github – Published: 2024-12-10 15:32 – Updated: 2025-07-23 21:36A security issue exists in Vertex Gemini API for customers using VPC-SC. By utilizing a custom crafted file URI for image input, data exfiltration is possible due to requests being routed outside the VPC-SC security perimeter, circumventing the intended security restrictions of VPC-SC.
No further fix actions are needed. Google Cloud Platform implemented a fix to return an error message when a media file URL is specified in the fileUri parameter and VPC Service Controls is enabled. Other use cases are unaffected.
{
"affected": [],
"aliases": [
"CVE-2024-12236"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-10T15:15:07Z",
"severity": "MODERATE"
},
"details": "A security issue exists in Vertex Gemini API for customers using VPC-SC. By utilizing a custom crafted file URI for image input, data exfiltration is possible due to requests being routed outside the VPC-SC security perimeter, circumventing the intended security restrictions of VPC-SC.\n\nNo further fix actions are needed. Google Cloud Platform implemented a fix to return an error message when a media file URL is specified in the fileUri parameter and VPC Service Controls is enabled. Other use cases are unaffected.",
"id": "GHSA-3vm2-3vf9-9j39",
"modified": "2025-07-23T21:36:43Z",
"published": "2024-12-10T15:32:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12236"
},
{
"type": "WEB",
"url": "https://cloud.google.com/vertex-ai/generative-ai/docs/security-bulletins#gcp-2024-063"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-3WC2-CMWJ-M278
Vulnerability from github – Published: 2022-02-11 00:00 – Updated: 2025-05-05 18:31Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.
{
"affected": [],
"aliases": [
"CVE-2022-21218"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-09T23:15:00Z",
"severity": "MODERATE"
},
"details": "Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.",
"id": "GHSA-3wc2-cmwj-m278",
"modified": "2025-05-05T18:31:36Z",
"published": "2022-02-11T00:00:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21218"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00639.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.