
CWE-116 Improper Encoding or Escaping of Output: Vulnerability List (128)

Summary of the 128 CVEs associated with the CWE-116 weakness class (Improper Encoding or Escaping of Output), with AI-generated Chinese analysis.

CWE-116 covers improper encoding or escaping of output: a product sends a structured message to another component without correctly encoding or escaping the data it embeds, so the message's structure is broken. Attackers commonly use this to inject commands and alter the intended logic. Developers should follow the encoding rules of the target context, validate and escape all output data, and make sure special characters are properly isolated so that the message structure stays intact.

MITRE CWE Official Description
CWE: CWE-116 Improper Encoding or Escaping of Output. Description: The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. Improper encoding or escaping can allow attackers to change the commands that are sent to another component and insert malicious commands. Most products follow a protocol that uses structured messages, such as queries or commands, for communication between components. These structured messages can contain raw data interspersed with metadata or control information. For example, "GET /index.html HTTP/1.1" is a structured message containing a command ("GET"), a single argument ("/index.html") and metadata about the protocol version in use ("HTTP/1.1"). If an application uses attacker-supplied input to construct a structured message without proper encoding or escaping, the attacker can insert special characters that cause the data to be interpreted as control information or metadata. Consequently, the component that receives the output performs the wrong operations or otherwise interprets the data incorrectly.
Common Consequences (3)
Scope: Integrity · Impact: Modify Application Data
The communications between components can be modified in unexpected ways. Unexpected commands can be executed, bypassing other security mechanisms. Incoming data can be misinterpreted.
Scope: Integrity, Confidentiality, Availability, Access Control · Impact: Execute Unauthorized Code or Commands
The communications between components can be modified in unexpected ways. Unexpected commands can be executed, bypassing other security mechanisms. Incoming data can be misinterpreted.
Scope: Confidentiality · Impact: Bypass Protection Mechanism
The communications between components can be modified in unexpected ways. Unexpected commands can be executed, bypassing other security mechanisms. Incoming data can be misinterpreted.
Mitigations (5)
Phase: Architecture and Design. Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. For example, consider using the ESAPI Encoding control [REF-45] or a similar tool, library, or framework. These will help the programmer encode outputs in a manner less prone to error. Alternately, use built-in functions, but consider using wrappers in case t…
Phase: Architecture and Design. If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated. For example, stored procedures can enforce database query structure and reduce the likel…
Phase: Architecture and Design, Implementation. Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required e…
Phase: Architecture and Design. In some cases, input validation may be an important strategy when output encoding is not a complete solution. For example, you may be providing the same output that will be processed by multiple consumers that use different encodings or representations. In other cases, you may be required to allow user-supplied input to contain control information, such as limited HTML tags that support formatting…
Phase: Architecture and Design. Use input validation as a defense-in-depth measure to reduce the likelihood of output encoding errors (see CWE-20).
Code Examples (2)
This code displays an email address that was submitted as part of a form.

<% String email = request.getParameter("email"); %>
...
<%-- the untrusted value is written into the page without HTML encoding --%>
Email Address: <%= email %>

Bad · JSP
Consider a chat application in which a front-end web application communicates with a back-end server. The back-end is legacy code that does not perform authentication or authorization, so the front-end must implement it. The chat protocol supports two commands, SAY and BAN, although only administrators can use the BAN command. Each argument must be separated by a single space. The raw inputs are U…
$inputString = readLineFromFileHandle($serverFH);

# generate an array of strings separated by the "|" character.
@commands = split(/\|/, $inputString);

foreach $cmd (@commands) {
  # separate the operator from its arguments based on a single whitespace
  ($operator, $args) = split(/ /, $cmd, 2);
  $args = UrlDecode($args);
  # the back end trusts the front end: no authentication or authorization here
  if ($operator eq "BAN") {
    ExecuteBan($args);
  }
  elsif ($operator eq "SAY") {
    ExecuteSay($args);
  }
}

Bad · Perl
$inputString = GetUntrustedArgument("command");
($cmd, $argstr) = split(/\s+/, $inputString, 2);

# removes extra whitespace and also changes CRLF's to spaces
$argstr =~ s/\s+/ /gs;
$argstr = UrlEncode($argstr);

# the only authorization check is on the operator; the argument is not inspected
if (($cmd eq "BAN") && (! IsAdministrator($username))) {
  die "Error: you are not the admin.\n";
}

# communicate with file server using a file handle
$fh = GetServerFileHandle("myserver");
print $fh "$cmd $argstr\n";

Bad · Perl
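A Python rendition of the protocol in the two Perl examples above, added here as an example and not code from the page or from MITRE: it places a front end whose URL encoder leaves the "|" separator alone beside one that encodes every structural character, and shows what the back-end parser would execute in each case. All function names (encode_weak, encode_strict, front_end, back_end, compare) and the sample users are assumptions.

```python
# Added example (Python, not the CWE's own Perl code): the SAY/BAN chat
# protocol above, with the page's weak front-end encoding beside a hardened
# one. All function names and the sample data are assumptions.
from urllib.parse import quote, unquote

ADMINS = {"alice"}  # constructed sample data: the only administrator

def encode_weak(argstr):
    """Mirrors the page's front end: collapse whitespace (CRLF included), then
    URL-encode with a lenient encoder that leaves '|' untouched."""
    argstr = " ".join(argstr.split())
    return quote(argstr, safe="|")

def encode_strict(argstr):
    """Hardened: percent-encode every character the wire format treats as
    structure ('|' between commands, ' ' after the operator, CR/LF), so an
    argument can never be read as a second command."""
    argstr = " ".join(argstr.split())
    return quote(argstr, safe="")

def front_end(username, cmd, argstr, encoder):
    """Front end: the only authorization check is on the operator it was
    asked to send; the argument's safety rests entirely on the encoder."""
    if cmd == "BAN" and username not in ADMINS:
        raise PermissionError("Error: you are not the admin.")
    return f"{cmd} {encoder(argstr)}\n"

def back_end(line):
    """Back end: split on '|', then on one space, then URL-decode the argument,
    as the page's Perl does. Returns the (operator, argument) pairs it would
    execute; like the page's legacy server it performs no authorization."""
    executed = []
    for cmd in line.rstrip("\n").split("|"):
        operator, _, args = cmd.partition(" ")
        executed.append((operator, unquote(args)))
    return executed

def compare(username, text):
    """Send the same untrusted SAY argument through both encoders and return
    what the back end would execute in each case."""
    weak = back_end(front_end(username, "SAY", text, encode_weak))
    strict = back_end(front_end(username, "SAY", text, encode_strict))
    return weak, strict

if __name__ == "__main__":
    # Constructed input: non-admin chat text containing the command separator.
    weak, strict = compare("bob", "hi|BAN alice")
    print("weak:  ", weak)    # two commands reach the back end
    print("strict:", strict)  # one SAY whose argument survives intact
```

With the weak encoder the back end sees two commands, so the message structure the front end intended (one SAY) is lost; with the strict encoder the "|" reaches the server as %7C and is decoded back into ordinary argument data.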
CVE ID | Title | Product | CVSS | Risk Level | Published
CVE-2026-42810 | Apache Polaris wildcard namespace credential leak vulnerability | Apache Polaris | 9.9 | Critical | 2026-05-04
CVE-2026-42040 | Axios security vulnerability | axios | 3.7 | Low | 2026-04-24
CVE-2026-40567 | FreeScout security vulnerability | freescout | 5.8 | Medium | 2026-04-21
CVE-2026-6058 | Zyxel WRE6505 security vulnerability | WRE6505 v2 firmware | 4.5 | Medium | 2026-04-21
CVE-2026-20136 | Cisco Identity Services Engine (Cisco ISE) and Cisco ISE Passive Identity Connector security vulnerability | Cisco Identity Services Engine Software | 6.0 | Medium | 2026-04-15
CVE-2026-2404 | Schneider Electric PowerChute Serial Shutdown security vulnerability | PowerChute™ Serial Shutdown | 7.5 | - | 2026-04-14
CVE-2026-40023 | Apache Log4cxx security vulnerability | Apache Log4cxx | 5.3 | - | 2026-04-10
CVE-2026-40021 | Apache log4net security vulnerability | Apache Log4net | 9.1 | - | 2026-04-10
CVE-2026-34481 | Apache Log4j security vulnerability | Apache Log4j JSON Template Layout | 4.8 | - | 2026-04-10
CVE-2026-34480 | Apache Log4j security vulnerability | Apache Log4j Core | 5.8 (AI) | Medium (AI) | 2026-04-10
CVE-2026-34479 | Apache Log4j security vulnerability | Apache Log4j 1 to Log4j 2 bridge | 6.5 (AI) | Medium (AI) | 2026-04-10
CVE-2026-34483 | Apache Tomcat security vulnerability | Apache Tomcat | 9.8 (AI) | Critical (AI) | 2026-04-09
CVE-2026-25932 | GLPI security vulnerability | glpi | 7.2 | High | 2026-04-06
CVE-2026-32811 | Heimdall security vulnerability | heimdall | 8.2 | High | 2026-03-20
CVE-2026-33301 | OpenEMR security vulnerability | openemr | 3.5 | - | 2026-03-19
CVE-2026-31898 | jsPDF security vulnerability | jsPDF | 8.1 | High | 2026-03-18
CVE-2025-12697 | GitLab security vulnerability | GitLab | 2.2 | Low | 2026-03-11
CVE-2026-28350 | lxml_html_clean security vulnerability | lxml_html_clean | 6.1 | Medium | 2026-03-05
CVE-2026-28348 | lxml_html_clean security vulnerability | lxml_html_clean | 6.1 | Medium | 2026-03-05
CVE-2026-27812 | Sub2API security vulnerability | sub2api | 8.8 (AI) | High (AI) | 2026-02-26
CVE-2026-21443 | OpenEMR security vulnerability | openemr | 6.1 | - | 2026-02-25
CVE-2026-25940 | jsPDF security vulnerability | jsPDF | 8.1 | High | 2026-02-19
CVE-2025-15312 | Tanium Appliance security vulnerability | Tanium Appliance | 6.6 | Medium | 2026-02-05
CVE-2026-25543 | HTMLSanitizer security vulnerability | HtmlSanitizer | 6.1 (AI) | Medium (AI) | 2026-02-04
CVE-2026-24737 | jsPDF security vulnerability | jsPDF | 8.1 | High | 2026-02-02
CVE-2025-66488 | Discourse security vulnerability | discourse | 4.6 | Medium | 2026-01-28
CVE-2026-24439 | Tenda W30E security vulnerability | W30E V2 | 9.4 (AI) | Critical (AI) | 2026-01-26
CVE-2026-22792 | 5ire security vulnerability | 5ire | 9.7 | Critical | 2026-01-21
CVE-2026-22712 | Mediawiki - ApprovedRevs Extension security vulnerability | Mediawiki - ApprovedRevs Extension | 9.1 | - | 2026-01-09
CVE-2025-59158 | Coolify security vulnerability | coolify | 5.4 | - | 2026-01-05
Scores and risk levels marked (AI) carried the page's AI badge; "-" means no risk level was listed.

CWE-116 (Improper Encoding or Escaping of Output) is a common weakness class; this platform has catalogued 128 CVEs associated with it.