CVEbaza.plCWE DictionaryCWE-374
Common Weakness Enumeration

CWE-374

Passing Mutable Objects to an Untrusted Method

Category: BaseCVE: 1
Description

The product sends non-cloned mutable data as an argument to a method or function.

Extended Description

The function or method that has been called can alter or delete the mutable data. This could violate assumptions that the calling function has made about its state. In situations where unknown code is called with references to mutable data, this external code could make changes to the data sent. If this data was not previously cloned, the modified data might not be valid in the context of execution.

CVE vulnerabilities with CWE-374 (1)
8.8
CVSS
HIGH
CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

pub. 2024-04-17
Information
ID: CWE-374
Type: Base
Vulnerabilities: 1
MITRE CWE ↗
← CWE Dictionary