CVEbaza.plSłownik CWECWE-130
Common Weakness Enumeration

CWE-130

Improper Handling of Length Parameter Inconsistency

Kategoria: BaseCVE: 99
Opis

Produkt analizuje sformatowaną wiadomość lub strukturę, ale nie obsługuje lub nieprawidłowo obsługuje pole długości, które jest niespójne z faktyczną długością powiązanych danych. Ta luka w bezpieczeństwie może prowadzić do błędów przetwarzania, omijania walidacji lub wykonania nieautoryzowanego kodu.

Description (EN)

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

Podatności CVE z CWE-130 (99)
9.8
CVSS
CRITICAL
CVE-2026-43125

Podatność w module DLM (Distributed Lock Manager) jądra Linux umożliwia zapis poza granicami bufora poprzez niezwalidowany parametr długości pochodzący z komunikatów sieciowych. Ze względu na brak uwierzytelnienia i możliwość zdalnego wywołania, podatność jest oceniana jako krytyczna (CVSS 9.8).

pub. 2026-05-06
9.8
CVSS
CRITICAL
CVE-2022-2714

Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0.

pub. 2022-09-06
8.8
CVSS
HIGH
CVE-2026-42216

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init() reconstructs strings from a prefix-compressed representation. If the previous string is longer than 255 bytes, the next string is expected to begin with a 2-byte prefix length. The code reads stringList[i][0] and stringList[i][1] without checking that the current string has at least two bytes. This issue has been patched in versions 3.2.9, 3.3.11, and 3.4.11.

pub. 2026-05-07
8.8
CVSS
HIGH
CVE-2026-22861

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp. This vulnerability affects users of the iccDEV library who process ICC color profiles. The vulnerability is fixed in 2.3.1.2.

pub. 2026-01-13
8.8
CVSS
HIGH
CVE-2026-22255

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `CIccCLUT::Init()` at `IccProfLib/IccTagLut.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

pub. 2026-01-08
8.8
CVSS
HIGH
CVE-2026-22046

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `CIccProfileXml::ParseBasic()` at `IccXML/IccLibXML/IccProfileXml.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

pub. 2026-01-07
8.8
CVSS
HIGH
CVE-2026-22047

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `SIccCalcOp::Describe()` at `IccProfLib/IccMpeCalc.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

pub. 2026-01-07
8.8
CVSS
HIGH
CVE-2022-1543

Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server.

pub. 2022-04-29
8.7
CVSS
HIGH
CVE-2026-3868

An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management interface, an unauthenticated remote attacker could send specially crafted requests that trigger a buffer overflow condition, causing the web service to become unresponsive. Successful exploitation may result in a denial-of-service condition requiring a device reboot to restore normal operation. While successful exploitation can severely impact the availability of the affected device, no impact to the confidentiality or integrity of the affected product has been identified. Additionally, no confidentiality, integrity, or availability impact to the subsequent system has been identified.

pub. 2026-04-27
8.7
CVSS
HIGH
CVE-2025-14847

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.

pub. 2025-12-19🚩 CISA KEV⚡ EXPLOIT
8.7
CVSS
HIGH
CVE-2025-30659

An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for Secure Vector Routing (SVR) receives a specifically malformed packet the PFE will crash and restart. This issue affects Junos OS on SRX Series: * All 21.4 versions, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2. This issue does not affect versions before 21.4.

pub. 2025-04-09
8.6
CVSS
HIGH
CVE-2026-5367

A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the disclosure of sensitive information stored in heap memory, which is then returned to the attacker's virtual machine port.

pub. 2026-04-24
8.6
CVSS
HIGH
CVE-2022-20870

A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation of IPv4 traffic. An attacker could exploit this vulnerability by sending a malformed packet out of an affected MPLS-enabled interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

pub. 2022-10-10
8.3
CVSS
HIGH
CVE-2026-41898

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callback, set_cookie_generate_cb, and set_stateless_cookie_generate_cb forwarded the user closure's returned usize directly to OpenSSL without checking it against the &mut [u8] that was handed to the closure. This can lead to buffer overflows and other unintended consequences. This vulnerability is fixed in 0.10.78.

pub. 2026-04-24
8.2
CVSS
HIGH
CVE-2026-45615

mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c (specifically INTEGER_oer.c). When parsing a maliciously crafted, zero-length OER payload for a variable-length, non-negative INTEGER type, the decoder fails to validate the required bytes before extracting the Most Significant Bit (MSB). This forces a precise 1-byte Heap Out-of-Bounds (OOB) Read. Because asn1c generated code is primarily deployed to parse untrusted network inputs (such as V2X network protocols, 5G telecom headers, or X.509 certificates), when the decoder processes untrusted network-originated input, a remote attacker can exploit this to cause a Denial of Service (DoS) or trigger incorrect integer interpretation in downstream applications (e.g., protocol state poisoning or logic bypass).

pub. 2026-05-29
8.2
CVSS
HIGH
CVE-2024-37305

oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue.

pub. 2024-06-17
8.1
CVSS
HIGH
CVE-2026-35547

When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to exploit the bug to elevate their privileges.

pub. 2026-04-30
8.1
CVSS
HIGH
CVE-2022-36788

A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially-crafted STL file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

pub. 2023-04-20
8.0
CVSS
HIGH
CVE-2024-37988

Secure Boot Security Feature Bypass Vulnerability

pub. 2024-07-09
8.0
CVSS
HIGH
CVE-2024-37989

Secure Boot Security Feature Bypass Vulnerability

pub. 2024-07-09
Pokazano 20 z 99 podatności
Informacje
ID: CWE-130
Typ: Base
Podatności: 99
MITRE CWE ↗
← Słownik CWE
CWE-130 — Nieprawidłowa obsługa niespójności parametru długości | Słownik CWE | CVEbaza.pl