CWE-248
AllowedUncaught Exception
Abstraction: Base · Status: Draft
An exception is thrown from a function, but it is not caught.
420 vulnerabilities reference this CWE, most recent first.
GHSA-5GGP-WM87-2P6G
Vulnerability from github – Published: 2025-04-01 12:30 – Updated: 2025-04-01 12:30Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, MongoDB v6.0 versions prior to 6.0.20 and MongoDB v7.0 versions prior to 7.0.16
{
"affected": [],
"aliases": [
"CVE-2025-3083"
],
"database_specific": {
"cwe_ids": [
"CWE-248"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-01T12:15:15Z",
"severity": "HIGH"
},
"details": "Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, \u00a0MongoDB v6.0 versions prior to\u00a06.0.20 and MongoDB v7.0 versions prior to 7.0.16",
"id": "GHSA-5ggp-wm87-2p6g",
"modified": "2025-04-01T12:30:35Z",
"published": "2025-04-01T12:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3083"
},
{
"type": "WEB",
"url": "https://jira.mongodb.org/browse/SERVER-103152"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5V93-9MQW-P9MH
Vulnerability from github – Published: 2025-02-14 17:26 – Updated: 2025-02-14 17:26Summary
A vulnerability in the add_share function of the Rewards pallet (part of the ORML repository) can lead to an uncaught Rust panic when handling user-provided input exceeding the u128 range.
Affected Components
- ORML Rewards pallet (
rewards/src/lib.rs) - Any Substrate-based chain using ORML Rewards with
add_shareaccepting unvalidated largeu128inputs
Technical Details
add_shareperforms arithmetic on user-supplied values (add_amount) of typeT::Share(mapped tou128in Acala).- If
add_amountis large enough (e.g.,i128::MAX), the intermediate result may overflow and panic on the cast tou128. - Validation occurs only after arithmetic, enabling a crafted input to trigger an overflow.
Impact
A malicious user submitting a specially crafted extrinsic can cause a panic in the runtime: - Denial of Service by crashing the node process. - Potential for invalid blocks produced by validators.
Likelihood
This issue is exploitable in production if there exists at least one rewards pool where reward tokens exceed twice the collateral tokens, allowing sufficiently large multiplication to exceed u128 bounds.
Remediation
- This issue is fixed in https://github.com/open-web3-stack/open-runtime-module-library/pull/1016
Backport
The patch have been backported to following release branches: - polkadot-stable2407 - polkadot-stable2409
A 1.0.1 patch release is made with this fix.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "orml-rewards"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-248"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-14T17:26:08Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "## Summary\nA vulnerability in the `add_share` function of the **Rewards** pallet (part of the ORML repository) can lead to an uncaught Rust panic when handling user-provided input exceeding the `u128` range.\n\n## Affected Components\n- **ORML Rewards** pallet (`rewards/src/lib.rs`)\n- Any Substrate-based chain using ORML Rewards with `add_share` accepting unvalidated large `u128` inputs\n\n## Technical Details\n- `add_share` performs arithmetic on user-supplied values (`add_amount`) of type `T::Share` (mapped to `u128` in Acala).\n- If `add_amount` is large enough (e.g., `i128::MAX`), the intermediate result may overflow and panic on the cast to `u128`.\n- Validation occurs only after arithmetic, enabling a crafted input to trigger an overflow.\n\n## Impact\nA malicious user submitting a specially crafted extrinsic can cause a panic in the runtime:\n- **Denial of Service** by crashing the node process.\n- **Potential for invalid blocks** produced by validators.\n\n## Likelihood\nThis issue is exploitable in production if there exists at least one rewards pool where reward tokens exceed twice the collateral tokens, allowing sufficiently large multiplication to exceed `u128` bounds.\n\n## Remediation\n- This issue is fixed in https://github.com/open-web3-stack/open-runtime-module-library/pull/1016\n\n## Backport\n\nThe patch have been backported to following release branches:\n- polkadot-stable2407\n- polkadot-stable2409\n\nA 1.0.1 patch release is made with this fix.",
"id": "GHSA-5v93-9mqw-p9mh",
"modified": "2025-02-14T17:26:08Z",
"published": "2025-02-14T17:26:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/open-web3-stack/open-runtime-module-library/security/advisories/GHSA-5v93-9mqw-p9mh"
},
{
"type": "WEB",
"url": "https://github.com/open-web3-stack/open-runtime-module-library/pull/1016"
},
{
"type": "WEB",
"url": "https://github.com/open-web3-stack/open-runtime-module-library/commit/6720fcd92f44e5f204741b04fdef3b67b0fcf6bc"
},
{
"type": "PACKAGE",
"url": "https://github.com/open-web3-stack/open-runtime-module-library"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Uncaught Panic in ORML Rewards Pallet"
}
GHSA-5V9R-24G7-2GX7
Vulnerability from github – Published: 2025-05-02 00:32 – Updated: 2025-05-02 00:32IBM Db2 for Linux, UNIX and Windows 12.1.0 and 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
{
"affected": [],
"aliases": [
"CVE-2024-52903"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-248"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T23:15:50Z",
"severity": "MODERATE"
},
"details": "IBM Db2 for Linux, UNIX and Windows 12.1.0 and 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.",
"id": "GHSA-5v9r-24g7-2gx7",
"modified": "2025-05-02T00:32:15Z",
"published": "2025-05-02T00:32:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52903"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7232336"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5WMX-573V-2QWQ
Vulnerability from github – Published: 2026-03-05 15:30 – Updated: 2026-06-06 00:53Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Markdown"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.8.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-69534"
],
"database_specific": {
"cwe_ids": [
"CWE-248",
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-05T21:59:47Z",
"nvd_published_at": "2026-03-05T15:16:11Z",
"severity": "MODERATE"
},
"details": "Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions.",
"id": "GHSA-5wmx-573v-2qwq",
"modified": "2026-06-06T00:53:00Z",
"published": "2026-03-05T15:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"type": "WEB",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
},
{
"type": "WEB",
"url": "https://github.com/Python-Markdown/markdown/pull/1535"
},
{
"type": "WEB",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"type": "WEB",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/markdown/PYSEC-2026-89.yaml"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/03/06/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "Python-Markdown has an Uncaught Exception"
}
GHSA-6287-HMPP-GMQM
Vulnerability from github – Published: 2024-03-27 18:32 – Updated: 2024-03-27 18:32A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly.
This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.
{
"affected": [],
"aliases": [
"CVE-2024-20276"
],
"database_specific": {
"cwe_ids": [
"CWE-248"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-27T17:15:51Z",
"severity": "HIGH"
},
"details": "A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly.\n\n This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.",
"id": "GHSA-6287-hmpp-gmqm",
"modified": "2024-03-27T18:32:38Z",
"published": "2024-03-27T18:32:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20276"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZG"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6429-3G3W-6MW5
Vulnerability from github – Published: 2022-05-07 00:00 – Updated: 2022-05-24 20:58All versions of the npm package bignum are vulnerable to Denial of Service (DoS) due to a type-check exception in V8. When verifying the type of the second argument to the .powm function, V8 will crash regardless of Node try/catch blocks.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "bignum"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.13.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-25324"
],
"database_specific": {
"cwe_ids": [
"CWE-248"
],
"github_reviewed": true,
"github_reviewed_at": "2022-05-24T20:58:02Z",
"nvd_published_at": "2022-05-06T20:15:00Z",
"severity": "HIGH"
},
"details": "All versions of the npm package bignum are vulnerable to Denial of Service (DoS) due to a type-check exception in V8. When verifying the type of the second argument to the .powm function, V8 will crash regardless of Node try/catch blocks.",
"id": "GHSA-6429-3g3w-6mw5",
"modified": "2022-05-24T20:58:02Z",
"published": "2022-05-07T00:00:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25324"
},
{
"type": "PACKAGE",
"url": "https://github.com/justmoon/node-bignum"
},
{
"type": "WEB",
"url": "https://github.com/justmoon/node-bignum/blob/ef2e02533e598d6df8421000033c4753cde89ee2/index.js#L111"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JS-BIGNUM-2388581"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Uncaught Exception in bignum"
}
GHSA-64F4-QR63-VG45
Vulnerability from github – Published: 2023-07-06 15:30 – Updated: 2024-04-04 05:26Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally.
{
"affected": [],
"aliases": [
"CVE-2023-1691"
],
"database_specific": {
"cwe_ids": [
"CWE-248"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-06T13:15:10Z",
"severity": "HIGH"
},
"details": "Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally.",
"id": "GHSA-64f4-qr63-vg45",
"modified": "2024-04-04T05:26:23Z",
"published": "2023-07-06T15:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1691"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7"
},
{
"type": "WEB",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-654W-X4W9-5262
Vulnerability from github – Published: 2025-02-05 18:34 – Updated: 2025-02-05 18:34A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
{
"affected": [],
"aliases": [
"CVE-2025-20171"
],
"database_specific": {
"cwe_ids": [
"CWE-248"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-05T17:15:23Z",
"severity": "HIGH"
},
"details": "A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.\n\nThis vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.\u0026nbsp;\nThis vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.",
"id": "GHSA-654w-x4w9-5262",
"modified": "2025-02-05T18:34:45Z",
"published": "2025-02-05T18:34:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20171"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6827-G8XF-36C7
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-20 12:32A vulnerability in danny-avila/librechat version git a1647d7 allows an unauthenticated attacker to cause a denial of service by sending a crafted payload to the server. The middleware checkBan is not surrounded by a try-catch block, and an unhandled exception will cause the server to crash. This issue is fixed in version 0.7.6.
{
"affected": [],
"aliases": [
"CVE-2024-11172"
],
"database_specific": {
"cwe_ids": [
"CWE-248",
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-20T10:15:24Z",
"severity": "HIGH"
},
"details": "A vulnerability in danny-avila/librechat version git a1647d7 allows an unauthenticated attacker to cause a denial of service by sending a crafted payload to the server. The middleware `checkBan` is not surrounded by a try-catch block, and an unhandled exception will cause the server to crash. This issue is fixed in version 0.7.6.",
"id": "GHSA-6827-g8xf-36c7",
"modified": "2025-03-20T12:32:41Z",
"published": "2025-03-20T12:32:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11172"
},
{
"type": "WEB",
"url": "https://github.com/danny-avila/librechat/commit/976784c01fa4cce00d4c2941801d56aed375c21b"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/c76a7ee3-2e26-45a0-8940-21c749592105"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6M9Q-HWQP-8RV6
Vulnerability from github – Published: 2026-03-04 18:31 – Updated: 2026-03-04 18:31Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection.
This vulnerability is due to incomplete error checking when parsing remote procedure call (RPC) data. An attacker could exploit this vulnerability by sending crafted RPC packets through an established connection to be parsed by Snort 3. A successful exploit could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine unexpectedly restarts.
{
"affected": [],
"aliases": [
"CVE-2026-20068"
],
"database_specific": {
"cwe_ids": [
"CWE-248"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-04T18:16:22Z",
"severity": "MODERATE"
},
"details": "Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection.\n\nThis vulnerability is due to incomplete error checking when parsing remote procedure call (RPC) data. An attacker could exploit this vulnerability by sending crafted RPC packets through an established connection to be parsed by Snort 3. A successful exploit could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine unexpectedly restarts.",
"id": "GHSA-6m9q-hwqp-8rv6",
"modified": "2026-03-04T18:31:55Z",
"published": "2026-03-04T18:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20068"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-multi-dos-XFWkWSwz"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.