CWE-670
Allowed-with-ReviewAlways-Incorrect Control Flow Implementation
Abstraction: Class · Status: Draft
The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.
203 vulnerabilities reference this CWE, most recent first.
GHSA-858P-Q38Q-G87R
Vulnerability from github – Published: 2024-03-20 15:32 – Updated: 2025-11-04 21:31Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen.
{
"affected": [],
"aliases": [
"CVE-2023-46840"
],
"database_specific": {
"cwe_ids": [
"CWE-670"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-20T11:15:08Z",
"severity": "MODERATE"
},
"details": "Incorrect placement of a preprocessor directive in source code results\nin logic that doesn\u0027t operate as intended when support for HVM guests is\ncompiled out of Xen.",
"id": "GHSA-858p-q38q-g87r",
"modified": "2025-11-04T21:31:20Z",
"published": "2024-03-20T15:32:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46840"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R"
},
{
"type": "WEB",
"url": "https://xenbits.xenproject.org/xsa/advisory-450.html"
},
{
"type": "WEB",
"url": "http://xenbits.xen.org/xsa/advisory-450.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8CXM-3P35-J3M6
Vulnerability from github – Published: 2024-03-14 09:31 – Updated: 2024-03-14 09:31A malicious insider exploiting this vulnerability can circumvent existing security controls put in place by the organization. On the contrary, if the victim is legitimately using the temporary bypass to reach out to the Internet for retrieving application and system updates, a remote device could target it and undo the bypass, thereby denying the victim access to the update service, causing it to fail.
{
"affected": [],
"aliases": [
"CVE-2024-0313"
],
"database_specific": {
"cwe_ids": [
"CWE-670"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-14T09:15:47Z",
"severity": "MODERATE"
},
"details": "A malicious insider exploiting this vulnerability can circumvent existing security controls put in place by the organization. On the contrary, if the victim is legitimately using the temporary bypass to reach out to the Internet for retrieving application and system updates, a remote device could target it and undo the bypass, thereby denying the victim access to the update service, causing it to fail. ",
"id": "GHSA-8cxm-3p35-j3m6",
"modified": "2024-03-14T09:31:04Z",
"published": "2024-03-14T09:31:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0313"
},
{
"type": "WEB",
"url": "https://kcm.trellix.com/corporate/index?page=content\u0026id=SB10418"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8VQJ-758H-QH3X
Vulnerability from github – Published: 2022-05-13 01:19 – Updated: 2022-05-13 01:19In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.
{
"affected": [],
"aliases": [
"CVE-2018-19212"
],
"database_specific": {
"cwe_ids": [
"CWE-670"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-12T19:29:00Z",
"severity": "MODERATE"
},
"details": "In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.",
"id": "GHSA-8vqj-758h-qh3x",
"modified": "2022-05-13T01:19:45Z",
"published": "2022-05-13T01:19:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19212"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644196"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8WR7-69HR-44PW
Vulnerability from github – Published: 2026-04-15 15:31 – Updated: 2026-04-15 15:31Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved.
{
"affected": [],
"aliases": [
"CVE-2026-40719"
],
"database_specific": {
"cwe_ids": [
"CWE-670"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-15T07:16:11Z",
"severity": "HIGH"
},
"details": "Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved.",
"id": "GHSA-8wr7-69hr-44pw",
"modified": "2026-04-15T15:31:40Z",
"published": "2026-04-15T15:31:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/samboy/MaraDNS/security/advisories/GHSA-cfc6-vhrv-62cj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40719"
},
{
"type": "WEB",
"url": "https://maradns.samiam.org/changelog.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9328-GCFQ-P269
Vulnerability from github – Published: 2024-05-18 00:30 – Updated: 2024-11-04 21:30In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka TROVE-2024-003.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "arti"
},
"ranges": [
{
"events": [
{
"introduced": "1.2.2"
},
{
"fixed": "1.2.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.2.2"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "tor-circmgr"
},
"ranges": [
{
"events": [
{
"introduced": "0.18.0"
},
{
"fixed": "0.18.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.18.0"
]
}
],
"aliases": [
"CVE-2024-35312"
],
"database_specific": {
"cwe_ids": [
"CWE-670",
"CWE-754"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-20T16:18:10Z",
"nvd_published_at": "2024-05-17T22:15:07Z",
"severity": "HIGH"
},
"details": "In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka TROVE-2024-003.",
"id": "GHSA-9328-gcfq-p269",
"modified": "2024-11-04T21:30:45Z",
"published": "2024-05-18T00:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35312"
},
{
"type": "PACKAGE",
"url": "https://gitlab.torproject.org/tpo/core/arti"
},
{
"type": "WEB",
"url": "https://gitlab.torproject.org/tpo/core/arti/-/blob/main/CHANGELOG.md#arti-123-15-may-2024"
},
{
"type": "WEB",
"url": "https://gitlab.torproject.org/tpo/core/arti/-/commit/da95138c14f762c706e46e89c6adfa46fcd5252c"
},
{
"type": "WEB",
"url": "https://gitlab.torproject.org/tpo/core/arti/-/issues/1409"
},
{
"type": "WEB",
"url": "https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/2145"
},
{
"type": "WEB",
"url": "https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/2154"
},
{
"type": "WEB",
"url": "https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/2156"
},
{
"type": "WEB",
"url": "https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2024-0339.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Tor Arti\u0027s STUB circuits incorrectly have a length of 2"
}
GHSA-949P-HQW3-RGM2
Vulnerability from github – Published: 2024-06-14 18:31 – Updated: 2024-06-14 18:31Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised.
{
"affected": [],
"aliases": [
"CVE-2024-5659"
],
"database_specific": {
"cwe_ids": [
"CWE-670"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-14T17:15:51Z",
"severity": null
},
"details": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised.",
"id": "GHSA-949p-hqw3-rgm2",
"modified": "2024-06-14T18:31:45Z",
"published": "2024-06-14T18:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5659"
},
{
"type": "WEB",
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-95CH-MQCF-W529
Vulnerability from github – Published: 2023-08-11 03:30 – Updated: 2024-04-04 06:51Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access.
{
"affected": [],
"aliases": [
"CVE-2023-28711"
],
"database_specific": {
"cwe_ids": [
"CWE-670",
"CWE-691"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-11T03:15:25Z",
"severity": "MODERATE"
},
"details": "Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access.",
"id": "GHSA-95ch-mqcf-w529",
"modified": "2024-04-04T06:51:19Z",
"published": "2023-08-11T03:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28711"
},
{
"type": "WEB",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00879.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-96VR-JXMC-X8JC
Vulnerability from github – Published: 2025-09-16 00:30 – Updated: 2025-09-16 18:31A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A UDP server socket bound to a local interface may become bound to all interfaces.
{
"affected": [],
"aliases": [
"CVE-2025-43359"
],
"database_specific": {
"cwe_ids": [
"CWE-670"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T23:15:37Z",
"severity": "CRITICAL"
},
"details": "A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A UDP server socket bound to a local interface may become bound to all interfaces.",
"id": "GHSA-96vr-jxmc-x8jc",
"modified": "2025-09-16T18:31:23Z",
"published": "2025-09-16T00:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43359"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125108"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125109"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125110"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125111"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125112"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125114"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125115"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125116"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9F4W-67G7-MQWV
Vulnerability from github – Published: 2026-04-03 03:26 – Updated: 2026-04-20 23:59Summary
Remote onboarding preserves attacker-discovered endpoint after trust decline, routing gateway credentials to it
Current Maintainer Triage
- Status: narrow
- Normalized severity: medium
- Assessment: Real shipped onboarding trust-decline bug because the declined discovered URL survived into the manual prompt, but operator acceptance of that prefill is still required, so medium.
Affected Packages / Versions
- Package:
openclaw(npm) - Latest published npm version:
2026.3.31 - Vulnerable version range:
<=2026.3.28 - Patched versions:
>= 2026.3.31 - First stable tag containing the fix:
v2026.3.31
Fix Commit(s)
2a75416634837c21ed05b8c3ed906eb7a7807060— 2026-03-30T20:03:06+01:00
Release Process Note
- The fix is already present in released version
2026.3.31. - This draft looks ready for final maintainer disposition or publication, not additional code-fix work.
Thanks @zsxsoft for reporting.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2026.3.28"
},
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2026.3.31"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-41300"
],
"database_specific": {
"cwe_ids": [
"CWE-670"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-03T03:26:14Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "## Summary\nRemote onboarding preserves attacker-discovered endpoint after trust decline, routing gateway credentials to it\n\n## Current Maintainer Triage\n- Status: narrow\n- Normalized severity: medium\n- Assessment: Real shipped onboarding trust-decline bug because the declined discovered URL survived into the manual prompt, but operator acceptance of that prefill is still required, so medium.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published npm version: `2026.3.31`\n- Vulnerable version range: `\u003c=2026.3.28`\n- Patched versions: `\u003e= 2026.3.31`\n- First stable tag containing the fix: `v2026.3.31`\n\n## Fix Commit(s)\n- `2a75416634837c21ed05b8c3ed906eb7a7807060` \u2014 2026-03-30T20:03:06+01:00\n\n## Release Process Note\n- The fix is already present in released version `2026.3.31`.\n- This draft looks ready for final maintainer disposition or publication, not additional code-fix work.\n\nThanks @zsxsoft for reporting.",
"id": "GHSA-9f4w-67g7-mqwv",
"modified": "2026-04-20T23:59:40Z",
"published": "2026-04-03T03:26:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-9f4w-67g7-mqwv"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/2a75416634837c21ed05b8c3ed906eb7a7807060"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.3.31"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "OpenClaw: Endpoint persists after trust decline, leaking gateway credentials"
}
GHSA-9VH8-8GPJ-8C68
Vulnerability from github – Published: 2022-05-24 17:30 – Updated: 2022-05-24 17:30Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM) Processors and Intel(R) Celeron(R) Processor 4000 Series may allow an authenticated user to potentially enable information disclosure via local access.
{
"affected": [],
"aliases": [
"CVE-2020-8671"
],
"database_specific": {
"cwe_ids": [
"CWE-670"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-10-05T14:15:00Z",
"severity": "MODERATE"
},
"details": "Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM) Processors and Intel(R) Celeron(R) Processor 4000 Series may allow an authenticated user to potentially enable information disclosure via local access.",
"id": "GHSA-9vh8-8gpj-8c68",
"modified": "2022-05-24T17:30:07Z",
"published": "2022-05-24T17:30:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8671"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00356.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.