CWE-1389
Incorrect Parsing of Numbers with Different Radices
BaseIncomplete
Description
The product parses numeric input assuming base 10 (decimal) values, but it does not account for inputs that use a different base number (radix).
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (1)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-25242 | Med | 0.40 | 6.2 | 0.00 | Apr 4, 2026 | One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an unhandled exception that crashes the application. |