CVEbaza.plSłownik CWECWE-479
Common Weakness Enumeration

CWE-479

Signal Handler Use of a Non-reentrant Function

Kategoria: VariantCVE: 2
Opis

Produkt definiuje procedurę obsługi sygnału, która wywołuje funkcję nierentrantną. Może to prowadzić do nieprzewidywalnego zachowania i błędów w programie, szczególnie gdy funkcja jest już wykonywana w głównym kodzie.

Description (EN)

The product defines a signal handler that calls a non-reentrant function.

Podatności CVE z CWE-479 (2)
8.6
CVSS
HIGH
CVE-2026-44011

Craft CMS is a content management system (CMS). From 4.0.0 to before 4.17.12 and 5.9.18, Craft CMS which contains an input-handling flaw in a Yii object creation path that let any authenticated user inject malicious configuration and execute arbitrary commands on the server. The request-controlled condition field layouts data is converted into a live FieldLayout object without a Component::cleanseConfig() boundary. Because Craft configures models before parent::__construct(), attacker-controlled special config keys can take effect during object creation, and FieldLayout initialization then triggers a same-request event. This vulnerability is fixed in 4.17.12 and 5.9.18.

pub. 2026-05-12
7.8
CVSS
HIGH
CVE-2021-26948

Null pointer dereference in the htmldoc v1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service via a crafted html file.

pub. 2022-03-03
Informacje
ID: CWE-479
Typ: Variant
Podatności: 2
MITRE CWE ↗
← Słownik CWE