VYPR

CWE-687

Function Call With Incorrectly Specified Argument Value

VariantDraft

Description

The product calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which may lead to resultant weaknesses.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (1)

  • CVE-2025-22620MedJan 20, 2025
    risk 0.26cvss 5.0epss 0.00

    gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject…