CWE-665
DiscouragedImproper Initialization
Abstraction: Class · Status: Draft
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
425 vulnerabilities reference this CWE, most recent first.
GHSA-743W-MVM7-47JM
Vulnerability from github – Published: 2023-02-26 15:30 – Updated: 2023-03-07 21:30A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221807.
{
"affected": [],
"aliases": [
"CVE-2023-1048"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-26T13:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221807.",
"id": "GHSA-743w-mvm7-47jm",
"modified": "2023-03-07T21:30:18Z",
"published": "2023-02-26T15:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1048"
},
{
"type": "WEB",
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1048"
},
{
"type": "WEB",
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned5"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.221807"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.221807"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-745P-R637-7VVP
Vulnerability from github – Published: 2022-10-06 20:01 – Updated: 2022-10-06 20:01Impact
Setting $secure or $httponly value to true in Config\Cookie is not reflected in set_cookie() or Response::setCookie().
Note This vulnerability does not affect session cookies.
The following code does not issue a cookie with the secure flag even if you set $secure = true in Config\Cookie.
helper('cookie');
$cookie = [
'name' => $name,
'value' => $value,
];
set_cookie($cookie);
// or
$this->response->setCookie($cookie);
Patches
Upgrade to v4.2.7 or later.
Workarounds
- Specify the options explicitly. ```php helper('cookie');
$cookie = [
'name' => $name,
'value' => $value,
'secure' => true,
'httponly' => true,
];
set_cookie($cookie);
// or
$this->response->setCookie($cookie);
2. Use Cookie object.php
use CodeIgniter\Cookie\Cookie;
helper('cookie');
$cookie = new Cookie($name, $value); set_cookie($cookie); // or $this->response->setCookie($cookie); ```
References
- https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie
- https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter\HTTP\Response::setCookie
For more information
If you have any questions or comments about this advisory: * Open an issue in codeigniter4/CodeIgniter4 * Email us at SECURITY.md
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "codeigniter4/framework"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.2.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-39284"
],
"database_specific": {
"cwe_ids": [
"CWE-665",
"CWE-732"
],
"github_reviewed": true,
"github_reviewed_at": "2022-10-06T20:01:41Z",
"nvd_published_at": "2022-10-06T20:15:00Z",
"severity": "LOW"
},
"details": "### Impact\nSetting `$secure` or `$httponly` value to `true` in `Config\\Cookie` is not reflected in `set_cookie()` or `Response::setCookie()`.\n\n\u003e **Note**\n\u003e This vulnerability does not affect session cookies.\n\nThe following code does not issue a cookie with the secure flag even if you set `$secure = true` in `Config\\Cookie`.\n\n```php\nhelper(\u0027cookie\u0027);\n\n$cookie = [\n \u0027name\u0027 =\u003e $name,\n \u0027value\u0027 =\u003e $value,\n];\nset_cookie($cookie);\n// or\n$this-\u003eresponse-\u003esetCookie($cookie);\n```\n\n### Patches\nUpgrade to v4.2.7 or later.\n\n### Workarounds\n1. Specify the options explicitly.\n ```php\n helper(\u0027cookie\u0027);\n\n $cookie = [\n \u0027name\u0027 =\u003e $name,\n \u0027value\u0027 =\u003e $value,\n \u0027secure\u0027 =\u003e true,\n \u0027httponly\u0027 =\u003e true,\n ];\n set_cookie($cookie);\n // or\n $this-\u003eresponse-\u003esetCookie($cookie);\n ```\n2. Use Cookie object.\n ```php\n use CodeIgniter\\Cookie\\Cookie;\n\n helper(\u0027cookie\u0027);\n\n $cookie = new Cookie($name, $value);\n set_cookie($cookie);\n // or\n $this-\u003eresponse-\u003esetCookie($cookie);\n ```\n\n### References\n- https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie\n- https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter\\HTTP\\Response::setCookie\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [codeigniter4/CodeIgniter4](https://github.com/codeigniter4/CodeIgniter4/issues)\n* Email us at [SECURITY.md](https://github.com/codeigniter4/CodeIgniter4/blob/develop/SECURITY.md)\n",
"id": "GHSA-745p-r637-7vvp",
"modified": "2022-10-06T20:01:41Z",
"published": "2022-10-06T20:01:41Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-745p-r637-7vvp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39284"
},
{
"type": "WEB",
"url": "https://github.com/codeigniter4/CodeIgniter4/issues/6540"
},
{
"type": "WEB",
"url": "https://github.com/codeigniter4/CodeIgniter4/pull/6544"
},
{
"type": "WEB",
"url": "https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie"
},
{
"type": "WEB",
"url": "https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter%5CHTTP%5CResponse::setCookie"
},
{
"type": "WEB",
"url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies"
},
{
"type": "WEB",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/codeigniter4/framework/CVE-2022-39284.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/codeigniter4/CodeIgniter4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Codeigniter4\u0027s Secure or HttpOnly flag set in Config\\Cookie is not reflected in Cookies issued"
}
GHSA-759R-C5HW-QM9Q
Vulnerability from github – Published: 2026-03-11 21:31 – Updated: 2026-03-11 21:31A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code.
{
"affected": [],
"aliases": [
"CVE-2026-0940"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-11T21:16:13Z",
"severity": "HIGH"
},
"details": "A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code.",
"id": "GHSA-759r-c5hw-qm9q",
"modified": "2026-03-11T21:31:03Z",
"published": "2026-03-11T21:31:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0940"
},
{
"type": "WEB",
"url": "https://support.lenovo.com/us/en/product_security/LEN-213040"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-75R2-JHX8-X356
Vulnerability from github – Published: 2022-05-13 01:18 – Updated: 2022-05-13 01:18Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
{
"affected": [],
"aliases": [
"CVE-2018-10115"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-05-02T21:29:00Z",
"severity": "HIGH"
},
"details": "Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.",
"id": "GHSA-75r2-jhx8-x356",
"modified": "2022-05-13T01:18:48Z",
"published": "2022-05-13T01:18:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10115"
},
{
"type": "WEB",
"url": "https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/sevenzip/discussion/45797/thread/adc65bfa"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104132"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040832"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-766G-QR22-C7RH
Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-05-24 17:47In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174150451
{
"affected": [],
"aliases": [
"CVE-2021-0435"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-13T19:15:00Z",
"severity": "HIGH"
},
"details": "In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174150451",
"id": "GHSA-766g-qr22-c7rh",
"modified": "2022-05-24T17:47:12Z",
"published": "2022-05-24T17:47:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0435"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2021-04-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-7674-FJ4M-C42F
Vulnerability from github – Published: 2024-02-27 12:31 – Updated: 2024-04-10 18:30In the Linux kernel, the following vulnerability has been resolved:
Input: appletouch - initialize work before device registration
Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization.
This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens after input_register_device() call.
So this patch moves dev->work initialization before registering input device
{
"affected": [],
"aliases": [
"CVE-2021-46932"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-27T10:15:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: appletouch - initialize work before device registration\n\nSyzbot has reported warning in __flush_work(). This warning is caused by\nwork-\u003efunc == NULL, which means missing work initialization.\n\nThis may happen, since input_dev-\u003eclose() calls\ncancel_work_sync(\u0026dev-\u003ework), but dev-\u003ework initalization happens _after_\ninput_register_device() call.\n\nSo this patch moves dev-\u003ework initialization before registering input\ndevice",
"id": "GHSA-7674-fj4m-c42f",
"modified": "2024-04-10T18:30:47Z",
"published": "2024-02-27T12:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46932"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-76V6-7M6G-P6V4
Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2025-10-22 00:32A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory.
{
"affected": [],
"aliases": [
"CVE-2020-27950"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-08T21:15:00Z",
"severity": "HIGH"
},
"details": "A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory.",
"id": "GHSA-76v6-7m6g-p6v4",
"modified": "2025-10-22T00:32:01Z",
"published": "2022-05-24T17:35:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27950"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT211928"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT211929"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT211931"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT211940"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT211944"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT211945"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT211946"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT211947"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-27950"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/161296/XNU-Kernel-Mach-Message-Trailers-Memory-Disclosure.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2020/Dec/32"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-788R-RF8C-VGJ3
Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied input validation when a custom extension attempts to change a DHCPv6 packet received by the application. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to the application. An exploit could allow the attacker to trigger a restart of the service which, if exploited repeatedly, might lead to a DoS condition. This vulnerability can only be exploited if the administrator of the server has previously installed custom extensions that attempt to modify the packet details before the packet has been processed. Note: Although the CVSS score matches a High SIR, this has been lowered to Medium because this condition will only affect an application that has customer-developed extensions that will attempt to modify packet parameters before the packet has been completely sanitized. If packet modification in a custom extension happens after the packet has been sanitized, the application will not be affected by this vulnerability. Software versions prior to 8.3(7) and 9.1(2) are affected.
{
"affected": [],
"aliases": [
"CVE-2019-1840"
],
"database_specific": {
"cwe_ids": [
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-18T02:29:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied input validation when a custom extension attempts to change a DHCPv6 packet received by the application. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to the application. An exploit could allow the attacker to trigger a restart of the service which, if exploited repeatedly, might lead to a DoS condition. This vulnerability can only be exploited if the administrator of the server has previously installed custom extensions that attempt to modify the packet details before the packet has been processed. Note: Although the CVSS score matches a High SIR, this has been lowered to Medium because this condition will only affect an application that has customer-developed extensions that will attempt to modify packet parameters before the packet has been completely sanitized. If packet modification in a custom extension happens after the packet has been sanitized, the application will not be affected by this vulnerability. Software versions prior to 8.3(7) and 9.1(2) are affected.",
"id": "GHSA-788r-rf8c-vgj3",
"modified": "2022-05-13T01:31:18Z",
"published": "2022-05-13T01:31:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1840"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-pnr-dos"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108033"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7899-W6C4-VQC4
Vulnerability from github – Published: 2025-05-05 17:03 – Updated: 2025-05-05 22:06Summary
A logic error in the main summaly function causes the allowRedirects option to never be passed to any plugins, and as a result, isn't enforced.
Details
In the main summaly function, a new scrapingOptions object is created and passed to either the matched plugin, if any, or the default summarize function. The issue here is that the new scrapingOptions object is not provided the allowRedirects property of opts.
PoC
- Publish a post containing a link to any URL that redirects on Misskey.
- A preview will be generated for the target of the redirect, despite Misskey passing
allowRedirects: false.
Impact
Misskey will follow redirects, despite explicitly requesting not to.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@misskey-dev/summaly"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.1"
},
{
"fixed": "5.2.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-46553"
],
"database_specific": {
"cwe_ids": [
"CWE-601",
"CWE-665",
"CWE-669",
"CWE-693"
],
"github_reviewed": true,
"github_reviewed_at": "2025-05-05T17:03:20Z",
"nvd_published_at": "2025-05-05T19:15:56Z",
"severity": "LOW"
},
"details": "### Summary\nA logic error in the main `summaly` function causes the `allowRedirects` option to never be passed to any plugins, and as a result, isn\u0027t enforced.\n\n### Details\nIn the main `summaly` function, a new `scrapingOptions` object is created and passed to either the matched plugin, if any, or the default summarize function. The issue here is that the new `scrapingOptions` object is not provided the `allowRedirects` property of `opts`.\n\n### PoC\n- Publish a post containing a link to any URL that redirects on Misskey.\n- A preview will be generated for the target of the redirect, despite Misskey passing `allowRedirects: false`.\n\n### Impact\nMisskey will follow redirects, despite explicitly requesting not to.",
"id": "GHSA-7899-w6c4-vqc4",
"modified": "2025-05-05T22:06:39Z",
"published": "2025-05-05T17:03:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/misskey-dev/summaly/security/advisories/GHSA-7899-w6c4-vqc4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46553"
},
{
"type": "WEB",
"url": "https://github.com/misskey-dev/summaly/commit/45153b4f08a772c395a13f7a25399dd87ed022ed"
},
{
"type": "PACKAGE",
"url": "https://github.com/misskey-dev/summaly"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "@misskey-dev/summaly Redirect Filter Bypass"
}
GHSA-7CV2-F4F9-VW96
Vulnerability from github – Published: 2022-05-17 00:56 – Updated: 2025-10-22 03:30Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
{
"affected": [],
"aliases": [
"CVE-2013-1675"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-665"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-05-16T11:45:00Z",
"severity": "MODERATE"
},
"details": "Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.",
"id": "GHSA-7cv2-f4f9-vw96",
"modified": "2025-10-22T03:30:33Z",
"published": "2022-05-17T00:56:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1675"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=866825"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16976"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-1675"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00010.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00011.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00012.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00006.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00008.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0820.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0821.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2013/dsa-2699"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:165"
},
{
"type": "WEB",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-47.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/59858"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1822-1"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1823-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-3
Strategy: Language Selection
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, in Java, if the programmer does not explicitly initialize a variable, then the code could produce a compile-time error (if the variable is local) or automatically initialize the variable to the default value for the variable's type. In Perl, if explicit initialization is not performed, then a default value of undef is assigned, which is interpreted as 0, false, or an equivalent value depending on the context in which the variable is accessed.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all your variables and other data stores, either during declaration or just before the first usage.
Mitigation
Pay close attention to complex conditionals that affect initialization, since some conditions might not perform the initialization.
Mitigation
Avoid race conditions (CWE-362) during initialization routines.
Mitigation
Run or compile your product with settings that generate warnings about uninitialized variables or data.
CAPEC-26: Leveraging Race Conditions
The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with their version and cause the system to read the malicious file.
CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.