VYPR

CWE-1288

Improper Validation of Consistency within Input

BaseIncomplete

Description

The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or incorrectly validates that the input is actually consistent.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (9)

  • CVE-2022-50976HigFeb 2, 2026
    risk 0.50cvss 7.7epss 0.00

    A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB.

  • CVE-2025-9999HigSep 5, 2025
    risk 0.49cvss epss 0.00

    Some payload elements of the messages sent between two stations in a networking architecture are not properly checked on the receiving station allowing an attacker to execute unauthorized commands in the application.

  • CVE-2024-5953MedJun 18, 2024
    risk 0.37cvss 5.7epss 0.01

    A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.

  • CVE-2026-9689MedMay 27, 2026
    risk 0.27cvss 4.2epss 0.00

    A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote attacker can manipulate the authentication process by crafting a special web…

  • CVE-2025-10929Oct 29, 2025
    risk 0.00cvss epss 0.00

    Improper Validation of Consistency within Input vulnerability in Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables.This issue affects Reverse Proxy Header: from 0.0.0 before 1.1.2.

  • CVE-2025-46722May 29, 2025
    risk 0.00cvss epss 0.00

    vLLM is an inference and serving engine for large language models (LLMs). In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it…

  • CVE-2025-2885Mar 27, 2025
    risk 0.00cvss epss 0.00

    Missing validation of the root metatdata version number could allow an actor to supply an arbitrary version number to the client instead of the intended version in the root metadata file, altering the version fetched by the client. Users should upgrade to tough version 0.20.0 or…

  • CVE-2023-6245Dec 8, 2023
    risk 0.00cvss epss 0.01

    The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is `record { * ; empty }` and the canister interface expects `record { * }` then the Rust candid decoder treats empty as an extra field…

  • CVE-2022-39353Nov 2, 2022
    risk 0.00cvss epss 0.01

    xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. xmldom parses XML that is not well-formed because it contains multiple top level elements, and adds all root nodes to the `childNodes` collection of the `Document`,…