VYPR

CWE-150

Improper Neutralization of Escape, Meta, or Control Sequences

Abstraction: Variant · Status: Incomplete

Description

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as escape, meta, or control character sequences when they are sent to a downstream component.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-134 · CAPEC-41 · CAPEC-81 · CAPEC-93

CVEs mapped to this weakness (43)

page 2 of 3
  • CVE-2024-58251 · Low · Apr 23, 2025 · risk 0.16 · cvss 2.5 · epss 0.00

    In netstat in BusyBox through 1.37.0, local users can launch a network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.

  • CVE-2024-43785 · Low · Aug 22, 2024 · risk 0.16 · cvss 2.5 · epss 0.00

    gitoxide is an idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form ANSI escape…

  • CVE-2026-40505 · Low · Apr 16, 2026 · risk 0.14 · cvss 3.3 · epss 0.00

    MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal…

  • CVE-2025-55193 · Low · Aug 13, 2025 · risk 0.11 · cvss n/a · epss 0.01

    Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be logged without escaping. If this is written directly to the terminal it may include unescaped ANSI sequences. This issue has…

  • CVE-2025-58160 · Low · Aug 29, 2025 · risk 0.08 · cvss n/a · epss 0.00

    tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be…

  • CVE-2026-3108 · Mar 26, 2026 · risk 0.00 · cvss n/a · epss 0.00

    Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and…

  • CVE-2026-25996 · Feb 12, 2026 · risk 0.00 · cvss n/a · epss 0.01

    Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI…

  • CVE-2026-23829 · Jan 18, 2026 · risk 0.00 · cvss n/a · epss 0.01

    Mailpit is an email testing tool and API for developers. Prior to version 1.28.3, Mailpit's SMTP server is vulnerable to Header Injection due to an insufficient Regular Expression used to validate `RCPT TO` and `MAIL FROM` addresses. An attacker can inject arbitrary SMTP headers…

  • CVE-2026-21439 · Jan 5, 2026 · risk 0.00 · cvss n/a · epss 0.00

    badkeys is a tool and library for checking cryptographic public keys for known vulnerabilities. In versions 0.0.15 and below, an attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the…

  • CVE-2025-47284 · May 19, 2025 · risk 0.00 · cvss n/a · epss 0.00

    Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the `gardenlet` component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative…

  • CVE-2025-31651 · Apr 28, 2025 · risk 0.00 · cvss n/a · epss 0.04

    Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced…

  • CVE-2025-1693 · Feb 27, 2025 · risk 0.00 · cvss n/a · epss 0.00

    The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the shell output. This may result in the display of falsified messages that appear to originate from mongosh…

  • CVE-2025-1692 · Feb 27, 2025 · risk 0.00 · cvss n/a · epss 0.00

    The MongoDB Shell may be susceptible to control character injection where an attacker with control of the user’s clipboard could manipulate them to paste text into mongosh that evaluates arbitrary code. Control characters in the pasted text can be used to obfuscate malicious…

  • CVE-2024-56201 · Dec 23, 2024 · risk 0.00 · cvss n/a · epss 0.00

    Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of whether Jinja's sandbox is used. To exploit…

  • CVE-2024-27936 · Mar 6, 2024 · risk 0.00 · cvss n/a · epss 0.01

    Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence…

  • CVE-2023-40185 · Aug 23, 2023 · risk 0.00 · cvss n/a · epss 0.01

    shescape is a simple shell escape library for JavaScript. This may impact users that use Shescape on Windows in a threaded context. The vulnerability can result in Shescape escaping (or quoting) for the wrong shell, thus allowing attackers to bypass protections depending on the…

  • CVE-2023-30844 · May 8, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in `mutagen` and prior to version 0.17.1 in `mutagen-compose`, Mutagen `list` and `monitor` commands are susceptible to control characters that…

  • CVE-2023-28446 · Mar 24, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Deno is a simple, modern and secure runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Arbitrary program names without any ANSI filtering allows any malicious program to clear the first 2 lines of a `op_spawn_child` or `op_kill` prompt and replace it with…

  • CVE-2023-26055 · Mar 2, 2023 · risk 0.00 · cvss n/a · epss 0.01

    XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability can also be exploited in…

  • CVE-2022-43756 · Feb 7, 2023 · risk 0.00 · cvss n/a · epss 0.01

    An Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version…