Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-JQ8G-94VX-PGRM

Vulnerability from github – Published: 2022-05-24 19:15 – Updated: 2022-05-24 19:15
VLAI
Details

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in abc.c. It allows an attacker to cause Denial of Service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39585"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-20T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function traits_dump() located in abc.c. It allows an attacker to cause Denial of Service.",
  "id": "GHSA-jq8g-94vx-pgrm",
  "modified": "2022-05-24T19:15:05Z",
  "published": "2022-05-24T19:15:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39585"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matthiaskramm/swftools/issues/133"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-JQ8P-424G-CH9J

Vulnerability from github – Published: 2022-08-19 00:00 – Updated: 2022-08-19 00:00
VLAI
Details

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0223.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-2874"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-18T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0223.",
  "id": "GHSA-jq8p-424g-ch9j",
  "modified": "2022-08-19T00:00:20Z",
  "published": "2022-08-19T00:00:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2874"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vim/vim/commit/4875d6ab068f09df88d24d81de40dcd8d56e243d"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/95f97dfe-247d-475d-9740-b7adc71f4c79"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202305-16"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JQGM-J6XQ-3V4Q

Vulnerability from github – Published: 2024-08-26 12:31 – Updated: 2024-08-27 15:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add null check in resource_log_pipe_topology_update

[WHY] When switching from "Extend" to "Second Display Only" we sometimes call resource_get_otg_master_for_stream on a stream for the eDP, which is disconnected. This leads to a null pointer dereference.

[HOW] Added a null check in dc_resource.c/resource_log_pipe_topology_update.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-43886"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-26T11:15:03Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check in resource_log_pipe_topology_update\n\n[WHY]\nWhen switching from \"Extend\" to \"Second Display Only\" we sometimes\ncall resource_get_otg_master_for_stream on a stream for the eDP,\nwhich is disconnected. This leads to a null pointer dereference.\n\n[HOW]\nAdded a null check in dc_resource.c/resource_log_pipe_topology_update.",
  "id": "GHSA-jqgm-j6xq-3v4q",
  "modified": "2024-08-27T15:32:43Z",
  "published": "2024-08-26T12:31:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43886"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/899d92fd26fe780aad711322aa671f68058207a6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c36e922a36bdf69765c340a0857ca74092003bee"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JQH6-VQXW-FCV3

Vulnerability from github – Published: 2022-05-14 03:59 – Updated: 2025-06-10 15:30
VLAI
Details

The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-6954"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-01-12T18:34:00Z",
    "severity": "MODERATE"
  },
  "details": "The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.",
  "id": "GHSA-jqh6-vqxw-fcv3",
  "modified": "2025-06-10T15:30:31Z",
  "published": "2022-05-14T03:59:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6954"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2014:0413"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2014:0414"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1045561"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
    },
    {
      "type": "WEB",
      "url": "http://advisories.mageia.org/MGASA-2014-0075.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127947.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127952.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128098.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128099.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128114.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00071.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/58974"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/59058"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/p/libpng/code/ci/1faa6ff32c648acfe3cf30a58d31d7aebc24968c"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/projects/libpng/files/libpng16/1.6.8"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/650142"
    },
    {
      "type": "WEB",
      "url": "http://www.libpng.org/pub/png/libpng.html"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:035"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/64493"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JQHX-H33H-G3QG

Vulnerability from github – Published: 2022-05-14 02:18 – Updated: 2022-05-14 02:18
VLAI
Details

Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference vulnerability in Function jsi_ValueCopyMove from jsiValue.c:240 that can result in Crash due to segmentation fault. This attack appear to be exploitable via a crafted javascript code. This vulnerability appears to have been fixed in 2.4.67.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-1000655"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-20T19:31:00Z",
    "severity": "MODERATE"
  },
  "details": "Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference vulnerability in Function jsi_ValueCopyMove from jsiValue.c:240 that can result in Crash due to segmentation fault. This attack appear to be exploitable via a crafted javascript code. This vulnerability appears to have been fixed in 2.4.67.",
  "id": "GHSA-jqhx-h33h-g3qg",
  "modified": "2022-05-14T02:18:54Z",
  "published": "2022-05-14T02:18:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000655"
    },
    {
      "type": "WEB",
      "url": "https://jsish.org/fossil/jsi/tktview/3b8f95574f2c9dddf5ffea71e0086b2e6f6dd71e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JQMP-H258-VVV4

Vulnerability from github – Published: 2026-05-28 12:30 – Updated: 2026-06-11 03:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

octeon_ep_vf: add NULL check for napi_build_skb()

napi_build_skb() can return NULL on allocation failure. In __octep_vf_oq_process_rx(), the result is used directly without a NULL check in both the single-buffer and multi-fragment paths, leading to a NULL pointer dereference.

Add NULL checks after both napi_build_skb() calls, properly advancing descriptors and consuming remaining fragments on failure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-46188"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T10:16:34Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep_vf: add NULL check for napi_build_skb()\n\nnapi_build_skb() can return NULL on allocation failure. In\n__octep_vf_oq_process_rx(), the result is used directly without a NULL\ncheck in both the single-buffer and multi-fragment paths, leading to a\nNULL pointer dereference.\n\nAdd NULL checks after both napi_build_skb() calls, properly advancing\ndescriptors and consuming remaining fragments on failure.",
  "id": "GHSA-jqmp-h258-vvv4",
  "modified": "2026-06-11T03:30:23Z",
  "published": "2026-05-28T12:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46188"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/60246cdd4c515ea7d920cddf48932efcb990773e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6fef6640bbf360e254cc0174365ed30ce3a07572"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b0f4711b426a06fb4c4be85c36b9f5588d5140d3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dd66b42854705e4e4ee7f14d260f86c578bed3e3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JQMP-HJG9-VHWH

Vulnerability from github – Published: 2022-05-14 02:20 – Updated: 2025-04-20 03:41
VLAI
Details

GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-11642"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-26T08:29:00Z",
    "severity": "HIGH"
  },
  "details": "GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.",
  "id": "GHSA-jqmp-hjg9-vhwh",
  "modified": "2025-04-20T03:41:28Z",
  "published": "2022-05-14T02:20:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11642"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4222-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4321"
    },
    {
      "type": "WEB",
      "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/29550606d8b9"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/100395"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JQR2-8282-9V96

Vulnerability from github – Published: 2022-05-14 03:44 – Updated: 2022-05-14 03:44
VLAI
Details

Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-5727"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-02T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access.",
  "id": "GHSA-jqr2-8282-9v96",
  "modified": "2022-05-14T03:44:29Z",
  "published": "2022-05-14T03:44:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5727"
    },
    {
      "type": "WEB",
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00089\u0026languageid=en-fr"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JRJ6-7P65-RQF2

Vulnerability from github – Published: 2024-05-17 15:31 – Updated: 2025-09-19 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: mediatek: sof-common: Add NULL check for normal_link string

It's not granted that all entries of struct sof_conn_stream declare a normal_link (a non-SOF, direct link) string, and this is the case for SoCs that support only SOF paths (hence do not support both direct and SOF usecases).

For example, in the case of MT8188 there is no normal_link string in any of the sof_conn_stream entries and there will be more drivers doing that in the future.

To avoid possible NULL pointer KPs, add a NULL check for normal_link.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35842"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-17T15:15:21Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: sof-common: Add NULL check for normal_link string\n\nIt\u0027s not granted that all entries of struct sof_conn_stream declare\na `normal_link` (a non-SOF, direct link) string, and this is the case\nfor SoCs that support only SOF paths (hence do not support both direct\nand SOF usecases).\n\nFor example, in the case of MT8188 there is no normal_link string in\nany of the sof_conn_stream entries and there will be more drivers\ndoing that in the future.\n\nTo avoid possible NULL pointer KPs, add a NULL check for `normal_link`.",
  "id": "GHSA-jrj6-7p65-rqf2",
  "modified": "2025-09-19T21:31:15Z",
  "published": "2024-05-17T15:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35842"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b1d3db6740d0997ffc6e5a0d96ef7cbd62b35fdd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cad471227a37c0c7c080bfc9ed01b53750e82afe"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cde6ca5872bf67744dffa875a7cb521ab007b7ef"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e3b3ec967a7d93b9010a5af9a2394c8b5c8f31ed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JRMM-8WHF-PXXQ

Vulnerability from github – Published: 2025-04-02 15:31 – Updated: 2025-04-10 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix missing .is_two_pixels_per_container

Starting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1, due to lack of .is_two_pixels_per_container function in dce60_tg_funcs, causes a NULL pointer dereference on PCs with old GPUs, such as R9 280X.

So this fix adds missing .is_two_pixels_per_container to dce60_tg_funcs.

(cherry picked from commit bd4b125eb949785c6f8a53b0494e32795421209d)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21989"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-02T13:15:43Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix missing .is_two_pixels_per_container\n\nStarting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1,\ndue to lack of .is_two_pixels_per_container function in dce60_tg_funcs,\ncauses a NULL pointer dereference on PCs with old GPUs, such as R9 280X.\n\nSo this fix adds missing .is_two_pixels_per_container to dce60_tg_funcs.\n\n(cherry picked from commit bd4b125eb949785c6f8a53b0494e32795421209d)",
  "id": "GHSA-jrmm-8whf-pxxq",
  "modified": "2025-04-10T15:31:45Z",
  "published": "2025-04-02T15:31:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21989"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/36d04c9313d8d83ead92242f037099ac73e02120"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e204aab79e01bc8ff750645666993ed8b719de57"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fefa811e616b5d0b555ed65743e528a0a8a0b377"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.