VYPR

CWE-392

Missing Report of Error Condition

BaseDraft

Description

The product encounters an error but does not provide a status code or return value to indicate that an error has occurred.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (9)

  • CVE-2025-32743CriApr 10, 2025
    risk 0.59cvss 9.0epss 0.00

    In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those…

  • CVE-2017-2342HigJul 17, 2017
    risk 0.53cvss 8.1epss 0.01

    MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. It falls back to an unencrypted link. This can happen when MACsec is configured on ports that are not capable of MACsec or…

  • CVE-2024-39697HigJul 9, 2024
    risk 0.49cvss 8.6epss 0.01

    phonenumber is a library for parsing, formatting and validating international phone numbers. Since 0.3.4, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment of rust-phonenumber, this may get…

  • CVE-2025-23270HigJul 17, 2025
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, where an unprivileged local attacker may cause exposure of sensitive information via a side channel vulnerability. A successful exploit of this vulnerability might lead to code execution, data tampering,…

  • CVE-2026-42246HigMay 9, 2026
    risk 0.41cvss 7.4epss 0.00

    Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#starttls to return "successfully", without starting TLS. This issue has been patched…

  • CVE-2024-12797MedFeb 11, 2025
    risk 0.34cvss 6.3epss 0.02

    Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and DTLS connections…

  • CVE-2025-59398LowSep 15, 2025
    risk 0.13cvss 3.1epss 0.00

    The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, because a CiString<255> object is created with StringTooLarge set to Throw.

  • CVE-2023-42447Sep 19, 2023
    risk 0.00cvss epss 0.01

    blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds…

  • CVE-2023-42444Sep 19, 2023
    risk 0.00cvss epss 0.01

    phonenumber is a library for parsing, formatting and validating international phone numbers. Prior to versions `0.3.3+8.13.9` and `0.2.5+8.11.3`, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment…