VYPR

CWE-157

Failure to Sanitize Paired Delimiters

VariantDraft

Description

The product does not properly handle the characters that are used to mark the beginning and ending of a group of entities, such as parentheses, brackets, and braces.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-15

CVEs mapped to this weakness (1)

  • CVE-2025-25286CriFeb 13, 2025
    risk 0.57cvss 9.8epss 0.01

    Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish version 4.1.0, remote code execution may be possible in web-accessible installations of Homarus in certain configurations. The issue has been…