VYPR

CWE-567

Unsynchronized Access to Shared Data in a Multithreaded Context

BaseDraft

Description

The product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-25

CVEs mapped to this weakness (3)

  • CVE-2026-48708HigJun 15, 2026
    risk 0.42cvss 7.5epss 0.00

    OliveTin gives access to predefined shell commands from a web interface. In versions 3000.0.0 and prior, the template engine uses a single shared text/template.Template instance (tpl package-level variable in service/internal/tpl/templates.go) across all goroutines. Every action…

  • CVE-2026-46693MedJun 10, 2026
    risk 0.27cvss 4.1epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is…

  • CVE-2020-25724May 26, 2021
    risk 0.00cvss epss 0.01

    A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gain access to privileged information. The highest threat from this vulnerability is to confidentiality and integrity. Versions before resteasy 2.0.0.Alpha3…