CWE-1389
Incorrect Parsing of Numbers with Different Radices
Description
The product parses numeric input assuming base 10 (decimal) values, but it does not account for inputs that use a different base number (radix).
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-50131 | Hig | 0.49 | 8.6 | 0.00 | Jun 10, 2026 | Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the IPv4 validation… | ||
| CVE-2018-25242 | — | Med | 0.40 | 6.2 | 0.00 | Apr 4, 2026 | One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an… |
- risk 0.49cvss 8.6epss 0.00
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the IPv4 validation…
- risk 0.40cvss 6.2epss 0.00
One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an…