VYPR

CWE-1116

Inaccurate Source Code Comments

Base | Incomplete

Description

The source code contains comments that do not accurately describe or explain aspects of the portion of the code with which the comment is associated.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (1)

  • CVE-2025-47271 | Med | May 12, 2025
    risk 0.34 | cvss | epss 0.00

    The OZI action is a GitHub Action that publishes releases to PyPI and mirror releases, signature bundles, and provenance in a tagged release. In versions 1.13.2 through 1.13.5, potentially untrusted data flows into PR creation logic. A malicious actor could construct a branch…