CWE-129
Improper Validation of Array Index
Description
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-100
CVEs mapped to this weakness (149)
page 7 of 8

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-26933 | | | 0.00 | — | 0.00 | | Mar 19, 2026 | Improper Validation of Array Index (CWE-129) in multiple protocol parser components in Packetbeat can lead to Denial of Service via Input Data Manipulation (CAPEC-153). An attacker with the ability to send specially crafted, malformed network packets to a monitored network… |
| CVE-2026-25882 | | | 0.00 | — | 0.01 | | Feb 24, 2026 | Fiber is an Express-inspired web framework written in Go. A denial of service vulnerability exists in Fiber v2 and v3 that allows remote attackers to crash the application by sending requests to routes with more than 30 parameters. The vulnerability results from missing… |
| CVE-2026-25518 | | | 0.00 | — | 0.00 | | Feb 4, 2026 | cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. In versions from 1.18.0 to before 1.18.5 and from 1.19.0 to before 1.19.3, the cert-manager-controller… |
| CVE-2026-0528 | | | 0.00 | — | 0.00 | | Jan 13, 2026 | Improper Validation of Array Index (CWE-129) in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset.… |
| CVE-2025-62372 | | | 0.00 | — | 0.00 | | Nov 21, 2025 | vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, users can crash the vLLM engine serving multimodal models by passing multimodal embedding inputs with correct ndim but incorrect shape (e.g. hidden dimension is wrong),… |
| CVE-2025-48075 | | | 0.00 | — | 0.00 | | May 22, 2025 | Fiber is an Express-inspired web framework written in Go. Starting in version 2.52.6 and prior to version 2.52.7, `fiber.Ctx.BodyParser` can map flat data to nested slices using `key[idx]value` syntax, but when idx is negative, it causes a panic instead of returning an error… |
| CVE-2025-1975 | | | 0.00 | — | 0.00 | | May 16, 2025 | A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull… |
| CVE-2024-21493 | | | 0.00 | — | 0.01 | | Feb 17, 2024 | All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access… |
| CVE-2024-24563 | | | 0.00 | — | 0.02 | | Feb 7, 2024 | Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an `int` as an index for an array. The typechecker… |
| CVE-2023-36307 | | — | 0.00 | — | 0.00 | | Sep 5, 2023 | ZPLGFA 1.1.1 allows attackers to cause a panic (because of an integer index out of range during a ConvertToGraphicField call) via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence. |
| CVE-2023-36308 | | — | 0.00 | — | 0.00 | | Sep 5, 2023 | disintegration Imaging 1.6.2 allows attackers to cause a panic (because of an integer index out of range during a Grayscale call) via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any… |
| CVE-2022-38072 | | | 0.00 | — | 0.01 | | Apr 3, 2023 | An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this… |
| CVE-2021-3121 | | — | 0.00 | — | 0.03 | | Jan 11, 2021 | An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue. |
| CVE-2020-36067 | | — | 0.00 | — | 0.01 | | Jan 5, 2021 | GJSON <=v1.6.5 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call. |
| CVE-2020-29245 | | — | 0.00 | — | 0.01 | | Dec 28, 2020 | dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readAtomData. |
| CVE-2020-29244 | | — | 0.00 | — | 0.01 | | Dec 28, 2020 | dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readTextWithDescrFrame. |
| CVE-2020-29243 | | — | 0.00 | — | 0.01 | | Dec 28, 2020 | dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readAPICFrame. |
| CVE-2020-29242 | | — | 0.00 | — | 0.01 | | Dec 28, 2020 | dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readPICFrame. |
| CVE-2020-25791 | | — | 0.00 | — | 0.02 | | Sep 19, 2020 | An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit(). |
| CVE-2020-25793 | | — | 0.00 | — | 0.02 | | Sep 19, 2020 | An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with From<InlineArray<A, T>>. |