Common Weakness Enumeration

CWE-670

Allowed-with-Review

Always-Incorrect Control Flow Implementation

Abstraction: Class · Status: Draft

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

203 vulnerabilities reference this CWE, most recent first.

GHSA-JQ6X-99HJ-Q636

Vulnerability from github – Published: 2022-11-21 20:39 – Updated: 2022-11-21 20:39
VLAI
Summary
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs
Details

Impact

If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error:

np.ones((0, 2**31, 2**31))

An example of a proof of concept:

import numpy as np
import tensorflow as tf

input_val = tf.constant([1])
shape_val = np.array([i for i in range(21)])

tf.broadcast_to(input=input_val,shape=shape_val)

The return value of PyArray_SimpleNewFromData, which returns null on such shapes, is not checked.

Patches

We have patched the issue in GitHub commit 2b56169c16e375c521a3bc8ea658811cc0793784.

The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by Pattarakrit Rattanukul.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.10.0"
            },
            {
              "fixed": "2.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.10.0"
            },
            {
              "fixed": "2.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.10.0"
            },
            {
              "fixed": "2.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-41884"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-11-21T20:39:49Z",
    "nvd_published_at": "2022-11-18T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nIf a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error:\n```python\nnp.ones((0, 2**31, 2**31))\n```\nAn example of a proof of concept:\n```python\nimport numpy as np\nimport tensorflow as tf\n\ninput_val = tf.constant([1])\nshape_val = np.array([i for i in range(21)])\n\ntf.broadcast_to(input=input_val,shape=shape_val)\n```\nThe return value of `PyArray_SimpleNewFromData`, which returns null on such shapes, is not checked.\n\n### Patches\nWe have patched the issue in GitHub commit [2b56169c16e375c521a3bc8ea658811cc0793784](https://github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Pattarakrit Rattanukul.\n",
  "id": "GHSA-jq6x-99hj-q636",
  "modified": "2022-11-21T20:39:49Z",
  "published": "2022-11-21T20:39:49Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41884"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Seg fault in `ndarray_tensor_bridge` due to zero and large inputs"
}

GHSA-M4J6-F6GP-XCM3

Vulnerability from github – Published: 2023-04-20 15:30 – Updated: 2024-04-04 03:36
VLAI
Details

An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the INSTALLED state without any flow rule. Improper handling of such an intent is misleading to a network operator.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-29607"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-20T13:15:07Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the INSTALLED state without any flow rule. Improper handling of such an intent is misleading to a network operator.",
  "id": "GHSA-m4j6-f6gp-xcm3",
  "modified": "2024-04-04T03:36:52Z",
  "published": "2023-04-20T15:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29607"
    },
    {
      "type": "WEB",
      "url": "https://wiki.onosproject.org/display/ONOS/Intent+Framework"
    },
    {
      "type": "WEB",
      "url": "https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M678-VWG3-59MP

Vulnerability from github – Published: 2026-07-07 18:30 – Updated: 2026-07-07 18:30
VLAI
Details

A logic vulnerability was found in GStreamer's webrtcbin component. The _check_sdp_crypto() function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint attribute, while incorrectly rejecting those that include it. An attacker with the ability to intercept and modify WebRTC signaling messages could exploit this to bypass the SDP-level DTLS certificate fingerprint binding, weakening defenses against man-in-the-middle attacks on media streams.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-14935"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-07T16:16:38Z",
    "severity": "LOW"
  },
  "details": "A logic vulnerability was found in GStreamer\u0027s webrtcbin component. The _check_sdp_crypto() function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint attribute, while incorrectly rejecting those that include it. An attacker with the ability to intercept and modify WebRTC signaling messages could exploit this to bypass the SDP-level DTLS certificate fingerprint binding, weakening defenses against man-in-the-middle attacks on media streams.",
  "id": "GHSA-m678-vwg3-59mp",
  "modified": "2026-07-07T18:30:41Z",
  "published": "2026-07-07T18:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-14935"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-14935"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2497679"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer-security/-/merge_requests/98"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/work_items/5171"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MQCP-C96V-GJ7W

Vulnerability from github – Published: 2022-05-24 17:13 – Updated: 2022-06-01 00:00
VLAI
Details

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-3885"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-04-01T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed.",
  "id": "GHSA-mqcp-c96v-gj7w",
  "modified": "2022-06-01T00:00:31Z",
  "published": "2022-05-24T17:13:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3885"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202006-08"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT211101"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT211102"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT211104"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT211105"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT211106"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT211107"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4681"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2020/04/27/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MQG3-R7H5-24X4

Vulnerability from github – Published: 2026-06-29 21:32 – Updated: 2026-06-30 15:30
VLAI
Details

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100. Other versions that have reached end of support may also be affected.

Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119 which fixes the issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-55276"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-29T21:16:45Z",
    "severity": "CRITICAL"
  },
  "details": "Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100.\u00a0Other versions that have reached end of support may also be affected.\n\nUsers are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119 which fixes the issue.",
  "id": "GHSA-mqg3-r7h5-24x4",
  "modified": "2026-06-30T15:30:43Z",
  "published": "2026-06-29T21:32:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-55276"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/jy09xjlzn6r2qwvqoph8vcmf959yq68v"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/06/29/23"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P84X-5XX8-HFF9

Vulnerability from github – Published: 2022-05-24 22:01 – Updated: 2023-09-26 20:02
VLAI
Summary
bson-objectid contains Improper input validation
Details

An issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js. ObjectID() allows an attacker to generate a malformed objectid by inserting an additional property to the user-input, because bson-objectid will return early if it detects _bsontype==ObjectID in the user-input object. As a result, objects in arbitrary forms can bypass formatting if they have a valid bsontype.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "bson-objectid"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.3.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-19729"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-670"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-18T21:09:18Z",
    "nvd_published_at": "2019-12-11T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in the BSON ObjectID (aka bson-objectid) package 1.3.0 for Node.js. ObjectID() allows an attacker to generate a malformed objectid by inserting an additional property to the user-input, because bson-objectid will return early if it `detects _bsontype==ObjectID` in the user-input object. As a result, objects in arbitrary forms can bypass formatting if they have a valid bsontype.",
  "id": "GHSA-p84x-5xx8-hff9",
  "modified": "2023-09-26T20:02:48Z",
  "published": "2022-05-24T22:01:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19729"
    },
    {
      "type": "WEB",
      "url": "https://github.com/williamkapke/bson-objectid/issues/30"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/cabinjs/bson-objectid"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/package/bson-objectid"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "bson-objectid contains Improper input validation"
}

GHSA-P87V-9J2V-6W24

Vulnerability from github – Published: 2022-05-24 16:44 – Updated: 2022-05-24 16:44
VLAI
Details

An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-11412"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-22T11:29:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.",
  "id": "GHSA-p87v-9j2v-6w24",
  "modified": "2022-05-24T16:44:04Z",
  "published": "2022-05-24T16:44:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11412"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ccxvii/mujs/commit/1e5479084bc9852854feb1ba9bf68b52cd127e02"
    },
    {
      "type": "WEB",
      "url": "https://bugs.ghostscript.com/show_bug.cgi?id=700947"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RQXMWEOWCGLOLFBQSXBM3MBN33T4I5H"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67PMOZV4DLVL2KGU2SV724QL7Y4PKWKU"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCRO74ORRIVWNVAX2MAMRY3THCTWLQI"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202007-52"
    },
    {
      "type": "WEB",
      "url": "http://www.ghostscript.com/cgi-bin/findgit.cgi?1e5479084bc9852854feb1ba9bf68b52cd127e02"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108093"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PRFX-Q358-348C

Vulnerability from github – Published: 2023-02-16 21:30 – Updated: 2023-03-02 15:30
VLAI
Details

Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-36278"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-16T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.",
  "id": "GHSA-prfx-q358-348c",
  "modified": "2023-03-02T15:30:17Z",
  "published": "2023-02-16T21:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36278"
    },
    {
      "type": "WEB",
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00726.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PVH2-PJ76-4M96

Vulnerability from github – Published: 2021-10-19 15:28 – Updated: 2021-10-25 20:07
VLAI
Summary
Specification non-compliance in JUMPI
Details

Impact

In evm crate < 0.31.0, JUMPI opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check.

Patches

This is a high severity security advisory if you use evm crate for Ethereum mainnet. In this case, you should update your library dependency immediately to on or after 0.31.0.

This is a low severity security advisory if you use evm crate in Frontier or in a standalone blockchain, because there's no security exploit possible with this advisory. It is not recommended to update to on or after 0.31.0 until all the normal chain upgrade preparations have been done. If you use Frontier or other pallet-evm based Substrate blockchain, please ensure to update your spec_version before updating this. For other blockchains, please make sure to follow a hard-fork process before you update this.

Workarounds

If you are dependent on an older version of evm and cannot update due to API interface changes, please contact Wei by email (wei@that.world), who will be happy to help you to publish patch releases for older evm versions.

References

Fix PR: https://github.com/rust-blockchain/evm/pull/67

For more information

If you have any questions or comments about this advisory: * Open an issue in the evm repo.

Special thanks

Special thanks to @rakita for reporting this issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "evm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.31.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-41153"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-10-18T21:06:02Z",
    "nvd_published_at": "2021-10-18T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact \n\nIn `evm` crate `\u003c 0.31.0`, `JUMPI` opcode\u0027s condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check.\n\n### Patches\n\nThis is a **high** severity security advisory if you use `evm` crate for Ethereum mainnet. In this case, you should update your library dependency immediately to on or after `0.31.0`.\n\nThis is a **low** severity security advisory if you use `evm` crate in Frontier or in a standalone blockchain, because there\u0027s no security exploit possible with this advisory. It is **not** recommended to update to on or after `0.31.0` until all the normal chain upgrade preparations have been done. If you use Frontier or other `pallet-evm` based Substrate blockchain, please ensure to update your `spec_version` before updating this. For other blockchains, please make sure to follow a hard-fork process before you update this.\n\n### Workarounds\n\nIf you are dependent on an older version of `evm` and cannot update due to API interface changes, please contact Wei by email (wei@that.world), who will be happy to help you to publish patch releases for older `evm` versions.\n\n### References\n\nFix PR: https://github.com/rust-blockchain/evm/pull/67\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Open an issue in the `evm` repo.\n\n### Special thanks\n\nSpecial thanks to @rakita for reporting this issue.\n",
  "id": "GHSA-pvh2-pj76-4m96",
  "modified": "2021-10-25T20:07:57Z",
  "published": "2021-10-19T15:28:35Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rust-blockchain/evm/security/advisories/GHSA-pvh2-pj76-4m96"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41153"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-blockchain/evm/pull/67"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rust-blockchain/evm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Specification non-compliance in JUMPI"
}

GHSA-PVJF-4HFG-WR84

Vulnerability from github – Published: 2023-07-26 15:30 – Updated: 2024-01-30 23:04
VLAI
Summary
Incorrect control flow in Jenkins Gradle Plugin breaks credentials masking in the build log
Details

Always-incorrect control flow implementation in Jenkins Gradle Plugin 2.8 may result in credentials not being masked (i.e., replaced with asterisks) in the build log in some circumstances.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.8"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:gradle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-39152"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-30T23:04:31Z",
    "nvd_published_at": "2023-07-26T14:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Always-incorrect control flow implementation in Jenkins Gradle Plugin 2.8 may result in credentials not being masked (i.e., replaced with asterisks) in the build log in some circumstances.",
  "id": "GHSA-pvjf-4hfg-wr84",
  "modified": "2024-01-30T23:04:31Z",
  "published": "2023-07-26T15:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39152"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-3208"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/07/26/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Incorrect control flow in Jenkins Gradle Plugin breaks credentials masking in the build log"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.