VYPR

CWE-394

Unexpected Status Code or Return Value

BaseDraft

Description

The product does not properly check when a function or operation returns a value that is legitimate for the function, but is not expected by the product.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (3)

  • CVE-2025-23013HigJan 15, 2025
    risk 0.47cvss epss 0.00

    In Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. This product implements a Pluggable Authentication Module (PAM) that can be deployed to support authentication using a YubiKey or other FIDO compliant authenticators on macOS or Linux. This software…

  • CVE-2025-22854MedJun 15, 2025
    risk 0.45cvss epss 0.00

    Improper handling of non-200 http responses in the PingFederate Google Adapter leads to thread exhaustion under normal usage conditions.

  • CVE-2022-24880Apr 25, 2022
    risk 0.00cvss epss 0.01

    flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty…