VYPR

CWE-683

Function Call With Incorrect Order of Arguments

VariantDraft

Description

The product calls a function, procedure, or routine, but the caller specifies the arguments in an incorrect order, leading to resultant weaknesses.

While this weakness might be caught by the compiler in some languages, it can occur more frequently in cases in which the called function accepts variable numbers or types of arguments, such as format strings in C. It also can occur in languages or environments that do not enforce strong typing.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (4)

  • CVE-2025-47278LowMay 13, 2025
    risk 0.05cvss epss 0.00

    Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the `itsdangerous`…

  • CVE-2026-32269Mar 12, 2026
    risk 0.00cvss epss 0.00

    Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.13 and 8.6.39, the OAuth2 authentication adapter does not correctly validate app IDs when appidField and appIds are configured. During app ID validation,…

  • CVE-2026-24846Jan 29, 2026
    risk 0.00cvss epss 0.00

    malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. Starting in version 1.8.0 and prior to version 1.20.3, malcontent could be made to create symlinks outside the intended extraction directory when scanning a specially crafted tar or…

  • CVE-2023-32059May 11, 2023
    risk 0.00cvss epss 0.01

    Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, internal calls with default arguments are compiled incorrectly. Depending on the number of arguments provided in the call, the defaults are added not right-to-left, but…