VYPR
Get started

CWE-172

Encoding Error

ClassDraft

Description

The product does not properly encode or decode the data, resulting in unexpected values.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-120 · CAPEC-267 · CAPEC-3 · CAPEC-52 · CAPEC-53 · CAPEC-64 · CAPEC-71 · CAPEC-72 · CAPEC-78 · CAPEC-80

CVEs mapped to this weakness (5)

CVESevRiskCVSSEPSSKEVPublishedDescription
CVE-2016-6691Cri0.649.80.01Oct 10, 2016service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android before 2016-10-05 allows remote attackers to cause a denial of service (framework crash) or possibly have unspecified other impact via an access point that has a malformed SSID with GBK encoding, aka Qualcomm internal bug CR 978452.
CVE-2026-42926Med0.385.80.00May 13, 2026When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxy_http_version to 2, and also uses proxy_set_body, an attacker may be able to inject frame headers and payload bytes to the upstream peer.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2016-3829Med0.365.50.00Aug 5, 2016The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain structure members, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29023649.
CVE-2016-3828Med0.365.50.00Aug 5, 2016decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28835995.
CVE-2016-3827Med0.365.50.00Aug 5, 2016codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01 mishandles decoder errors, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28816956.