CVEbaza.plCWE DictionaryCWE-588
Common Weakness Enumeration

CWE-588

Attempt to Access Child of a Non-structure Pointer

Category: VariantCVE: 3
Description

Casting a non-structure type to a structure type and accessing a field can lead to memory access errors or data corruption.

CVE vulnerabilities with CWE-588 (3)
8.8
CVSS
HIGH
CVE-2026-21692

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `ToXmlCurve()` at `IccXML/IccLibXML/IccMpeXml.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

pub. 2026-01-07
7.5
CVSS
HIGH
CVE-2021-3510

Zephyr JSON decoder incorrectly decodes array of array. Zephyr versions >= >1.14.0, >= >2.5.0 contain Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4

pub. 2021-10-05
6.5
CVSS
MEDIUM
CVE-2021-3319

DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Zephyr versions >= > v2.4.0 contain NULL Pointer Dereference (CWE-476), Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94jg-2p6q-5364

pub. 2021-10-05
Information
ID: CWE-588
Type: Variant
Vulnerabilities: 3
MITRE CWE ↗
← CWE Dictionary
CWE-588 — Attempt to Access Child of a Non-structure Pointer | CWE Dictionary | CVEbaza.pl