Common Weakness Enumeration

CWE-670

Allowed-with-Review

Always-Incorrect Control Flow Implementation

Abstraction: Class · Status: Draft

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

203 vulnerabilities reference this CWE, most recent first.

GHSA-858P-Q38Q-G87R

Vulnerability from github – Published: 2024-03-20 15:32 – Updated: 2025-11-04 21:31
VLAI
Details

Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-46840"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-20T11:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Incorrect placement of a preprocessor directive in source code results\nin logic that doesn\u0027t operate as intended when support for HVM guests is\ncompiled out of Xen.",
  "id": "GHSA-858p-q38q-g87r",
  "modified": "2025-11-04T21:31:20Z",
  "published": "2024-03-20T15:32:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46840"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R"
    },
    {
      "type": "WEB",
      "url": "https://xenbits.xenproject.org/xsa/advisory-450.html"
    },
    {
      "type": "WEB",
      "url": "http://xenbits.xen.org/xsa/advisory-450.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8CXM-3P35-J3M6

Vulnerability from github – Published: 2024-03-14 09:31 – Updated: 2024-03-14 09:31
VLAI
Details

A malicious insider exploiting this vulnerability can circumvent existing security controls put in place by the organization. On the contrary, if the victim is legitimately using the temporary bypass to reach out to the Internet for retrieving application and system updates, a remote device could target it and undo the bypass, thereby denying the victim access to the update service, causing it to fail.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-0313"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-14T09:15:47Z",
    "severity": "MODERATE"
  },
  "details": "A malicious insider exploiting this vulnerability can circumvent existing security controls put in place by the organization. On the contrary, if the victim is legitimately using the temporary bypass to reach out to the Internet for retrieving application and system updates, a remote device could target it and undo the bypass, thereby denying the victim access to the update service, causing it to fail. ",
  "id": "GHSA-8cxm-3p35-j3m6",
  "modified": "2024-03-14T09:31:04Z",
  "published": "2024-03-14T09:31:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0313"
    },
    {
      "type": "WEB",
      "url": "https://kcm.trellix.com/corporate/index?page=content\u0026id=SB10418"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8VQJ-758H-QH3X

Vulnerability from github – Published: 2022-05-13 01:19 – Updated: 2022-05-13 01:19
VLAI
Details

In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-19212"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-11-12T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.",
  "id": "GHSA-8vqj-758h-qh3x",
  "modified": "2022-05-13T01:19:45Z",
  "published": "2022-05-13T01:19:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19212"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644196"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8WR7-69HR-44PW

Vulnerability from github – Published: 2026-04-15 15:31 – Updated: 2026-04-15 15:31
VLAI
Details

Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-40719"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-15T07:16:11Z",
    "severity": "HIGH"
  },
  "details": "Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved.",
  "id": "GHSA-8wr7-69hr-44pw",
  "modified": "2026-04-15T15:31:40Z",
  "published": "2026-04-15T15:31:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/samboy/MaraDNS/security/advisories/GHSA-cfc6-vhrv-62cj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40719"
    },
    {
      "type": "WEB",
      "url": "https://maradns.samiam.org/changelog.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9328-GCFQ-P269

Vulnerability from github – Published: 2024-05-18 00:30 – Updated: 2024-11-04 21:30
VLAI
Summary
Tor Arti's STUB circuits incorrectly have a length of 2
Details

In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka TROVE-2024-003.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "arti"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.2.2"
            },
            {
              "fixed": "1.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.2.2"
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "tor-circmgr"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.18.0"
            },
            {
              "fixed": "0.18.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.18.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2024-35312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670",
      "CWE-754"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-20T16:18:10Z",
    "nvd_published_at": "2024-05-17T22:15:07Z",
    "severity": "HIGH"
  },
  "details": "In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka TROVE-2024-003.",
  "id": "GHSA-9328-gcfq-p269",
  "modified": "2024-11-04T21:30:45Z",
  "published": "2024-05-18T00:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35312"
    },
    {
      "type": "PACKAGE",
      "url": "https://gitlab.torproject.org/tpo/core/arti"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.torproject.org/tpo/core/arti/-/blob/main/CHANGELOG.md#arti-123-15-may-2024"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.torproject.org/tpo/core/arti/-/commit/da95138c14f762c706e46e89c6adfa46fcd5252c"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.torproject.org/tpo/core/arti/-/issues/1409"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/2145"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/2154"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/2156"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2024-0339.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Tor Arti\u0027s STUB circuits incorrectly have a length of 2"
}

GHSA-949P-HQW3-RGM2

Vulnerability from github – Published: 2024-06-14 18:31 – Updated: 2024-06-14 18:31
VLAI
Details

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-5659"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-14T17:15:51Z",
    "severity": null
  },
  "details": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised.",
  "id": "GHSA-949p-hqw3-rgm2",
  "modified": "2024-06-14T18:31:45Z",
  "published": "2024-06-14T18:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5659"
    },
    {
      "type": "WEB",
      "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-95CH-MQCF-W529

Vulnerability from github – Published: 2023-08-11 03:30 – Updated: 2024-04-04 06:51
VLAI
Details

Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-28711"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670",
      "CWE-691"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-11T03:15:25Z",
    "severity": "MODERATE"
  },
  "details": "Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access.",
  "id": "GHSA-95ch-mqcf-w529",
  "modified": "2024-04-04T06:51:19Z",
  "published": "2023-08-11T03:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28711"
    },
    {
      "type": "WEB",
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00879.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-96VR-JXMC-X8JC

Vulnerability from github – Published: 2025-09-16 00:30 – Updated: 2025-09-16 18:31
VLAI
Details

A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A UDP server socket bound to a local interface may become bound to all interfaces.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-43359"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-15T23:15:37Z",
    "severity": "CRITICAL"
  },
  "details": "A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A UDP server socket bound to a local interface may become bound to all interfaces.",
  "id": "GHSA-96vr-jxmc-x8jc",
  "modified": "2025-09-16T18:31:23Z",
  "published": "2025-09-16T00:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43359"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125108"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125109"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125110"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125111"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125112"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125114"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125115"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125116"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9F4W-67G7-MQWV

Vulnerability from github – Published: 2026-04-03 03:26 – Updated: 2026-04-20 23:59
VLAI
Summary
OpenClaw: Endpoint persists after trust decline, leaking gateway credentials
Details

Summary

Remote onboarding preserves attacker-discovered endpoint after trust decline, routing gateway credentials to it

Current Maintainer Triage

  • Status: narrow
  • Normalized severity: medium
  • Assessment: Real shipped onboarding trust-decline bug because the declined discovered URL survived into the manual prompt, but operator acceptance of that prefill is still required, so medium.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published npm version: 2026.3.31
  • Vulnerable version range: <=2026.3.28
  • Patched versions: >= 2026.3.31
  • First stable tag containing the fix: v2026.3.31

Fix Commit(s)

  • 2a75416634837c21ed05b8c3ed906eb7a7807060 — 2026-03-30T20:03:06+01:00

Release Process Note

  • The fix is already present in released version 2026.3.31.
  • This draft looks ready for final maintainer disposition or publication, not additional code-fix work.

Thanks @zsxsoft for reporting.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.3.28"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.3.31"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-41300"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-03T03:26:14Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "## Summary\nRemote onboarding preserves attacker-discovered endpoint after trust decline, routing gateway credentials to it\n\n## Current Maintainer Triage\n- Status: narrow\n- Normalized severity: medium\n- Assessment: Real shipped onboarding trust-decline bug because the declined discovered URL survived into the manual prompt, but operator acceptance of that prefill is still required, so medium.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published npm version: `2026.3.31`\n- Vulnerable version range: `\u003c=2026.3.28`\n- Patched versions: `\u003e= 2026.3.31`\n- First stable tag containing the fix: `v2026.3.31`\n\n## Fix Commit(s)\n- `2a75416634837c21ed05b8c3ed906eb7a7807060` \u2014 2026-03-30T20:03:06+01:00\n\n## Release Process Note\n- The fix is already present in released version `2026.3.31`.\n- This draft looks ready for final maintainer disposition or publication, not additional code-fix work.\n\nThanks @zsxsoft for reporting.",
  "id": "GHSA-9f4w-67g7-mqwv",
  "modified": "2026-04-20T23:59:40Z",
  "published": "2026-04-03T03:26:14Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-9f4w-67g7-mqwv"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/2a75416634837c21ed05b8c3ed906eb7a7807060"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.3.31"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw: Endpoint persists after trust decline, leaking gateway credentials"
}

GHSA-9VH8-8GPJ-8C68

Vulnerability from github – Published: 2022-05-24 17:30 – Updated: 2022-05-24 17:30
VLAI
Details

Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM) Processors and Intel(R) Celeron(R) Processor 4000 Series may allow an authenticated user to potentially enable information disclosure via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-8671"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-05T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM) Processors and Intel(R) Celeron(R) Processor 4000 Series may allow an authenticated user to potentially enable information disclosure via local access.",
  "id": "GHSA-9vh8-8gpj-8c68",
  "modified": "2022-05-24T17:30:07Z",
  "published": "2022-05-24T17:30:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8671"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00356.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.