CVEbaza.plCWE DictionaryCWE-162
Common Weakness Enumeration

CWE-162

Improper Neutralization of Trailing Special Elements

Category: VariantCVE: 1
Description

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes trailing special elements that could be interpreted in unexpected ways when they are sent to a downstream component.

Extended Description

As data is parsed, improperly handled trailing special elements may cause the process to take unexpected actions that result in an attack.

CVE vulnerabilities with CWE-162 (1)
2.1
CVSS
LOW
CVE-2026-47241

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the first command. This will cause the first command to eventually fail, but also prevents it from returning until another command is sent (from another thread). That other command will not return until the connection is closed. This vulnerability is fixed in 0.6.5 and 0.5.15.

pub. 2026-06-22
Information
ID: CWE-162
Type: Variant
Vulnerabilities: 1
MITRE CWE ↗
← CWE Dictionary