目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1325

100%
请我们喝杯咖啡

CWE-116 对输出编码和转义不恰当 类漏洞列表 145

CWE-116 对输出编码和转义不恰当 类弱点 145 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-116 属于输出编码或转义不当漏洞,指产品在向其他组件发送结构化消息时,未正确编码或转义数据,导致消息结构被破坏。攻击者常借此注入恶意命令,篡改预期逻辑以执行非法操作。开发者应避免此风险,需严格遵循上下文相关的编码规范,对输出数据进行彻底验证与转义,确保特殊字符被正确隔离,从而维持消息结构的完整性与安全性。

MITRE CWE 官方描述
CWE:CWE-116 输出编码或转义不当 英文:产品为与另一个组件通信而准备结构化消息,但数据的编码或转义缺失或执行不正确。结果,消息的预期结构未能得到保留。 编码或转义不当可能使攻击者能够更改发送给另一个组件的命令,并插入恶意命令。大多数产品遵循某种协议,该协议使用结构化消息在组件之间进行通信,例如查询或命令。这些结构化消息可以包含穿插着元数据或控制信息的原始数据。例如,“GET /index.html HTTP/1.1”是一个结构化消息,其中包含一个命令(“GET”)、一个参数(“/index.html”)以及关于正在使用的协议版本(“HTTP/1.1”)的元数据。如果应用程序使用攻击者提供的输入来构建结构化消息,而未进行适当的编码或转义,则攻击者可以插入特殊字符,导致数据被解释为控制信息或元数据。因此,接收输出的组件将执行错误的操作,或以其他错误的方式解释数据。
常见影响 (3)
IntegrityModify Application Data
The communications between components can be modified in unexpected ways. Unexpected commands can be executed, bypassing other security mechanisms. Incoming data can be misinterpreted.
Integrity, Confidentiality, Availability, Access ControlExecute Unauthorized Code or Commands
The communications between components can be modified in unexpected ways. Unexpected commands can be executed, bypassing other security mechanisms. Incoming data can be misinterpreted.
ConfidentialityBypass Protection Mechanism
The communications between components can be modified in unexpected ways. Unexpected commands can be executed, bypassing other security mechanisms. Incoming data can be misinterpreted.
缓解措施 (5)
Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. For example, consider using the ESAPI Encoding control [REF-45] or a similar tool, library, or framework. These will help the programmer encode outputs in a manner less prone to error. Alternately, use built-in functions, but consider using wrappers in case t…
Architecture and DesignIf available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated. For example, stored procedures can enforce database query structure and reduce the likel…
Architecture and Design, ImplementationUnderstand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required e…
Architecture and DesignIn some cases, input validation may be an important strategy when output encoding is not a complete solution. For example, you may be providing the same output that will be processed by multiple consumers that use different encodings or representations. In other cases, you may be required to allow user-supplied input to contain control information, such as limited HTML tags that support formatting…
Architecture and DesignUse input validation as a defense-in-depth measure to reduce the likelihood of output encoding errors (see CWE-20).
代码示例 (2)
This code displays an email address that was submitted as part of a form.
<% String email = request.getParameter("email"); %> ... Email Address: <%= email %>
Bad · JSP
Consider a chat application in which a front-end web application communicates with a back-end server. The back-end is legacy code that does not perform authentication or authorization, so the front-end must implement it. The chat protocol supports two commands, SAY and BAN, although only administrators can use the BAN command. Each argument must be separated by a single space. The raw inputs are U…
$inputString = readLineFromFileHandle($serverFH); # generate an array of strings separated by the "|" character. @commands = split(/\|/, $inputString); foreach $cmd (@commands) { # separate the operator from its arguments based on a single whitespace ($operator, $args) = split(/ /, $cmd, 2); $args = UrlDecode($args); if ($operator eq "BAN") { ExecuteBan($args); } elsif ($operator eq "SAY") { ExecuteSay($args); } }
Bad · Perl
$inputString = GetUntrustedArgument("command"); ($cmd, $argstr) = split(/\s+/, $inputString, 2); # removes extra whitespace and also changes CRLF's to spaces $argstr =~ s/\s+/ /gs; $argstr = UrlEncode($argstr); if (($cmd eq "BAN") && (! IsAdministrator($username))) { die "Error: you are not the admin.\n"; } # communicate with file server using a file handle $fh = GetServerFileHandle("myserver"); print $fh "$cmd $argstr\n";
Bad · Perl
CVE ID标题CVSS风险等级Published
CVE-2026-47206 Dragonfly EvalSerializer中Lua redis.error_reply()导致的RESP协议注入漏洞 — dragonfly--2026-06-26
CVE-2026-52846 Caddy stripHTML 模板函数绕过漏洞 — caddy 4.2 Medium2026-06-23
CVE-2026-56379 ImageMagick SVG解析器命令注入漏洞 — ImageMagick--2026-06-23
CVE-2026-54287 Hono AWS Lambda适配器Cookie头合并漏洞 — hono 5.3 Medium2026-06-22
CVE-2026-44913 Apache NiFi MySQL变更捕获中表名转义不当漏洞 — Apache NiFi--2026-06-22
CVE-2026-48485 duck-organization Quest Bot 输出处理不当漏洞 — questbot--2026-06-12
CVE-2026-47188 Quest Bot 安全漏洞 — quest-bot--2026-06-11
CVE-2026-47175 Quest Bot 安全漏洞 — quest-bot--2026-06-11
CVE-2026-47173 Quest Bot 安全漏洞 — quest-bot--2026-06-11
CVE-2026-47171 Quest Bot 安全漏洞 — quest-bot--2026-06-11
CVE-2026-49472 FreeSWITCH 安全漏洞 — freeswitch 5.3 Medium2026-06-09
CVE-2026-20245 Cisco Catalyst SD-WAN Manager 安全漏洞 — Cisco Catalyst SD-WAN Controller 7.8 High2026-06-04
CVE-2026-48598 Tesla 安全漏洞 — tesla--2026-06-02
CVE-2026-45570 go-git 安全漏洞 — go-git--2026-05-27
CVE-2026-44972 GuardDog 安全漏洞 — guarddog 5.0 Medium2026-05-27
CVE-2026-9354 Hermes Agent 安全漏洞 — hermes-agent 6.5 Medium2026-05-24
CVE-2026-26028 CryptPad 跨站脚本漏洞 — cryptpad 6.1 Medium2026-05-20
CVE-2026-42810 Apache Polaris 输入验证错误漏洞 — Apache Polaris 9.9 Critical2026-05-04
CVE-2026-42040 Axios 安全漏洞 — axios 3.7 Low2026-04-24
CVE-2026-40567 FreeScout 安全漏洞 — freescout 5.8 Medium2026-04-21
CVE-2026-6058 Zyxel WRE6505 安全漏洞 — WRE6505 v2 firmware 4.5 Medium2026-04-21
CVE-2026-20136 Cisco Identity Services Engine(Cisco ISE)和Cisco ISE Passive Identity Connector 安全漏洞 — Cisco Identity Services Engine Software 6.0 Medium2026-04-15
CVE-2026-2404 Schneider Electric PowerChute Serial Shutdown 安全漏洞 — PowerChute™ Serial Shutdown 7.5 -2026-04-14
CVE-2026-40023 Apache Log4cxx 安全漏洞 — Apache Log4cxx 5.3 -2026-04-10
CVE-2026-40021 Apache log4net 安全漏洞 — Apache Log4net 9.1 -2026-04-10
CVE-2026-34481 Apache Log4j 安全漏洞 — Apache Log4j JSON Template Layout 4.8 -2026-04-10
CVE-2026-34480 Apache Log4j 安全漏洞 — Apache Log4j Core 5.8AIMediumAI2026-04-10
CVE-2026-34479 Apache Log4j 安全漏洞 — Apache Log4j 1 to Log4j 2 bridge 6.5AIMediumAI2026-04-10
CVE-2026-34483 Apache Tomcat 安全漏洞 — Apache Tomcat 9.8AICriticalAI2026-04-09
CVE-2026-25932 GLPI 安全漏洞 — glpi 7.2 High2026-04-06

CWE-116(对输出编码和转义不恰当) 是常见的弱点类别,本平台收录该类弱点关联的 145 条 CVE 漏洞。