CWE-703
Improper Check or Handling of Exceptional Conditions
Description
The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.
Hierarchy (View 1000)
CVEs mapped to this weakness (50)
page 3 of 3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21629 | 0.00 | — | 0.01 | Jan 2, 2024 | Rust EVM is an Ethereum Virtual Machine interpreter. In `rust-evm`, a feature called `record_external_operation` was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during… | |||
| CVE-2023-45812 | 0.00 | — | 0.01 | Oct 18, 2023 | The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when a… | |||
| CVE-2023-29195 | 0.00 | — | 0.01 | May 11, 2023 | Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that from that point on, anyone who tries to… | |||
| CVE-2023-29194 | 0.00 | — | 0.01 | Apr 14, 2023 | Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing `/` characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list… | |||
| CVE-2022-41777 | 0.00 | — | 0.01 | Dec 5, 2022 | Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash. | |||
| CVE-2022-31152 | 0.00 | — | 0.01 | Sep 2, 2022 | Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of [event authorization rules](https://spec.matrix.org/v1.2/rooms/v9/#authorization-rules) which must be checked when determining if an… | |||
| CVE-2022-33082 | — | 0.00 | — | 0.02 | Jun 30, 2022 | An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2022-21164 | — | 0.00 | — | 0.01 | Mar 16, 2022 | The package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause a crash during type check. | ||
| CVE-2019-11245 | 0.00 | — | 0.01 | Aug 29, 2019 | In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the… | |||
| CVE-2017-16014 | Hig | 0.00 | 7.5 | 0.02 | Jun 4, 2018 | Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service. |
- CVE-2024-21629Jan 2, 2024risk 0.00cvss —epss 0.01
Rust EVM is an Ethereum Virtual Machine interpreter. In `rust-evm`, a feature called `record_external_operation` was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during…
- CVE-2023-45812Oct 18, 2023risk 0.00cvss —epss 0.01
The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when a…
- CVE-2023-29195May 11, 2023risk 0.00cvss —epss 0.01
Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that from that point on, anyone who tries to…
- CVE-2023-29194Apr 14, 2023risk 0.00cvss —epss 0.01
Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing `/` characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list…
- CVE-2022-41777Dec 5, 2022risk 0.00cvss —epss 0.01
Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.
- CVE-2022-31152Sep 2, 2022risk 0.00cvss —epss 0.01
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of [event authorization rules](https://spec.matrix.org/v1.2/rooms/v9/#authorization-rules) which must be checked when determining if an…
- CVE-2022-33082Jun 30, 2022risk 0.00cvss —epss 0.02
An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2022-21164Mar 16, 2022risk 0.00cvss —epss 0.01
The package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause a crash during type check.
- CVE-2019-11245Aug 29, 2019risk 0.00cvss —epss 0.01
In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the…
- risk 0.00cvss 7.5epss 0.02
Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.