CWE-626
Null Byte Interaction Error (Poison Null Byte)
The product does not properly handle null bytes or NUL characters when passing data between different representations or components.
CVE-2019-11936 (GCVE-0-2019-11936)
Vulnerability from cvelistv5 – Published: 2019-12-04 16:25 – Updated: 2024-08-04 23:10
VLAI?
Summary
Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.
Severity ?
No CVSS data available.
CWE
- CWE-626 - Null Byte Interaction Error (Poison Null Byte)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HHVM |
Affected:
4.28.2
Affected: 4.28.0 , < unspecified (custom) Affected: 4.27.1 Affected: 4.27.0 , < unspecified (custom) Affected: 4.26.1 Affected: 4.26.0 , < unspecified (custom) Affected: 4.25.1 Affected: 4.25.0 , < unspecified (custom) Affected: 4.24.1 Affected: 4.24.0 , < unspecified (custom) Affected: 4.23.2 Affected: 4.9.0 , < unspecified (custom) Affected: 4.8.6 Affected: 4.0.0 , < unspecified (custom) Affected: 3.30.12 Affected: unspecified , < 3.30.12 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:29.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://hhvm.com/blog/2019/10/28/security-update.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/facebook/hhvm/commit/f57df6d8cf33cb14c40f52287da29360e7003373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.facebook.com/security/advisories/cve-2019-11936"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HHVM",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "4.28.2"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "4.28.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.27.1"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "4.27.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.26.1"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "4.26.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.25.1"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "4.25.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.24.1"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "4.24.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.23.2"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "4.9.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.8.6"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "3.30.12"
},
{
"lessThan": "3.30.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2019-10-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-626",
"description": "CWE-626: Null Byte Interaction Error (Poison Null Byte)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-04T16:25:20.000Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "facebook"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://hhvm.com/blog/2019/10/28/security-update.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/facebook/hhvm/commit/f57df6d8cf33cb14c40f52287da29360e7003373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2019-11936"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2019-10-28",
"ID": "CVE-2019-11936",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HHVM",
"version": {
"version_data": [
{
"version_affected": "!=\u003e",
"version_value": "4.28.2"
},
{
"version_affected": "\u003e=",
"version_value": "4.28.0"
},
{
"version_affected": "!=\u003e",
"version_value": "4.27.1"
},
{
"version_affected": "\u003e=",
"version_value": "4.27.0"
},
{
"version_affected": "!=\u003e",
"version_value": "4.26.1"
},
{
"version_affected": "\u003e=",
"version_value": "4.26.0"
},
{
"version_affected": "!=\u003e",
"version_value": "4.25.1"
},
{
"version_affected": "\u003e=",
"version_value": "4.25.0"
},
{
"version_affected": "!=\u003e",
"version_value": "4.24.1"
},
{
"version_affected": "\u003e=",
"version_value": "4.24.0"
},
{
"version_affected": "!=\u003e",
"version_value": "4.23.2"
},
{
"version_affected": "\u003e=",
"version_value": "4.9.0"
},
{
"version_affected": "!=\u003e",
"version_value": "4.8.6"
},
{
"version_affected": "\u003e=",
"version_value": "4.0.0"
},
{
"version_affected": "!=\u003e",
"version_value": "3.30.12"
},
{
"version_affected": "\u003c",
"version_value": "3.30.12"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-626: Null Byte Interaction Error (Poison Null Byte)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hhvm.com/blog/2019/10/28/security-update.html",
"refsource": "CONFIRM",
"url": "https://hhvm.com/blog/2019/10/28/security-update.html"
},
{
"name": "https://github.com/facebook/hhvm/commit/f57df6d8cf33cb14c40f52287da29360e7003373",
"refsource": "CONFIRM",
"url": "https://github.com/facebook/hhvm/commit/f57df6d8cf33cb14c40f52287da29360e7003373"
},
{
"name": "https://www.facebook.com/security/advisories/cve-2019-11936",
"refsource": "CONFIRM",
"url": "https://www.facebook.com/security/advisories/cve-2019-11936"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "facebook",
"cveId": "CVE-2019-11936",
"datePublished": "2019-12-04T16:25:20.000Z",
"dateReserved": "2019-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:10:29.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17137 (GCVE-0-2019-17137)
Vulnerability from cvelistv5 – Published: 2020-02-10 19:15 – Updated: 2024-08-05 01:33
VLAI?
Summary
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of path strings. By inserting a null byte into the path, the user can skip most authentication checks. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-8616.
Severity ?
9.4 (Critical)
CWE
- CWE-626 - Null Byte Interaction Error (Poison Null Byte)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-866/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1200",
"vendor": "NETGEAR",
"versions": [
{
"status": "affected",
"version": "R6220 Firmware version 1.1.0.86"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Michael Flanders of Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of path strings. By inserting a null byte into the path, the user can skip most authentication checks. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-8616."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-626",
"description": "CWE-626: Null Byte Interaction Error (Poison Null Byte)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T19:15:37.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-866/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2019-17137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AC1200",
"version": {
"version_data": [
{
"version_value": "R6220 Firmware version 1.1.0.86"
}
]
}
}
]
},
"vendor_name": "NETGEAR"
}
]
}
},
"credit": "Michael Flanders of Trend Micro Zero Day Initiative",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of path strings. By inserting a null byte into the path, the user can skip most authentication checks. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-8616."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-626: Null Byte Interaction Error (Poison Null Byte)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-866/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-866/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2019-17137",
"datePublished": "2020-02-10T19:15:38.000Z",
"dateReserved": "2019-10-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10773 (GCVE-0-2020-10773)
Vulnerability from cvelistv5 – Published: 2020-09-10 16:07 – Updated: 2024-08-04 11:14
VLAI?
Summary
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.
Severity ?
4.4 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:14:14.957Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "kernel-5.4-rc6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack information leak flaw was found in s390/s390x in the Linux kernel\u2019s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-626",
"description": "CWE-626",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-10T16:07:48.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-10773",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel-5.4-rc6"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack information leak flaw was found in s390/s390x in the Linux kernel\u2019s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.4/CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-626"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10773"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-10773",
"datePublished": "2020-09-10T16:07:48.000Z",
"dateReserved": "2020-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:14:14.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-42040 (GCVE-0-2026-42040)
Vulnerability from cvelistv5 – Published: 2026-04-24 17:40 – Updated: 2026-04-27 13:48
VLAI?
Title
Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams
Summary
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode() function in lib/helpers/AxiosURLSearchParams.js contains a character mapping (charMap) at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent('\x00') correctly produces the safe sequence %00, the charMap entry '%00': '\x00' converts it back to a raw null byte. Primary impact is limited because the standard axios request flow is not affected. This vulnerability is fixed in 1.15.1 and 0.31.1.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42040",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-27T13:48:02.943460Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T13:48:06.659Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/axios/axios/security/advisories/GHSA-xhjh-pmcv-23jw"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "axios",
"vendor": "axios",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.0.0, \u003c 1.15.1"
},
{
"status": "affected",
"version": "\u003c 0.31.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode() function in lib/helpers/AxiosURLSearchParams.js contains a character mapping (charMap) at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent(\u0027\\x00\u0027) correctly produces the safe sequence %00, the charMap entry \u0027%00\u0027: \u0027\\x00\u0027 converts it back to a raw null byte. Primary impact is limited because the standard axios request flow is not affected. This vulnerability is fixed in 1.15.1 and 0.31.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116: Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-626",
"description": "CWE-626: Null Byte Interaction Error (Poison Null Byte)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T17:40:31.125Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/axios/axios/security/advisories/GHSA-xhjh-pmcv-23jw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/axios/axios/security/advisories/GHSA-xhjh-pmcv-23jw"
}
],
"source": {
"advisory": "GHSA-xhjh-pmcv-23jw",
"discovery": "UNKNOWN"
},
"title": "Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-42040",
"datePublished": "2026-04-24T17:40:31.125Z",
"dateReserved": "2026-04-23T16:05:01.709Z",
"dateUpdated": "2026-04-27T13:48:06.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Implementation
Description:
- Remove null bytes from all incoming strings.
No CAPEC attack patterns related to this CWE.