Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-129 (对数组索引的验证不恰当) — Vulnerability Class 182

182 vulnerabilities classified as CWE-129 (对数组索引的验证不恰当). AI Chinese analysis included.

CWE-129 represents an improper validation of array index weakness where software fails to verify that untrusted input falls within the valid bounds of an array. This vulnerability typically allows attackers to exploit the flaw by supplying malicious values that cause the application to read or write memory outside the intended array boundaries. Such out-of-bounds access can lead to critical security breaches, including data corruption, denial of service, or arbitrary code execution, depending on the memory layout and context. To prevent this issue, developers must implement rigorous input validation checks before using any external data as an array index. This involves ensuring that indices are strictly greater than or equal to zero and less than the array’s defined length. Additionally, utilizing safe programming languages with automatic bounds checking or employing static analysis tools can help identify and mitigate these risks during the development lifecycle.

MITRE CWE Description
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
Common Consequences (5)
Integrity, AvailabilityDoS: Crash, Exit, or Restart
Use of an index that is outside the bounds of an array will very likely result in the corruption of relevant memory and perhaps instructions, leading to a crash, if the values are outside of the valid memory area.
IntegrityModify Memory
If the memory corrupted is data, rather than instructions, the system will continue to function with improper values.
Confidentiality, IntegrityModify Memory, Read Memory
Use of an index that is outside the bounds of an array can also trigger out-of-bounds read or write operations, or operations on the wrong objects; i.e., "buffer overflows" are not always the result. This may result in the exposure or modification of sensitive data.
Integrity, Confidentiality, AvailabilityExecute Unauthorized Code or Commands
If the memory accessible by the attacker can be effectively controlled, it may be possible to execute arbitrary code, as with a standard buffer overflow and possibly without the use of large inputs if a precise index can be controlled.
Integrity, Availability, ConfidentialityDoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands, Read Memory, Modify Memory
A single fault could allow either an overflow (CWE-788) or underflow (CWE-786) of the array index. What happens next will depend on the type of operation being performed out of bounds, but can expose sensitive information, cause a system crash, or possibly lead to arbitrary code execution.
Mitigations (5)
Architecture and DesignUse an input validation framework such as Struts or the OWASP ESAPI Validation API. Note that using a framework does not automatically address all input validation problems; be mindful of weaknesses that could arise from misusing the framework itself (CWE-1173).
Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server. Even though clien…
RequirementsUse a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. For example, Ada allows the programmer to constrain the values of a variable and languages such as Java and Ruby will allow the programmer to handle exceptions when an out-of-bounds index is accessed.
Operation, Build and CompilationRun or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code. Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported…
Effectiveness: Defense in Depth
OperationUse a CPU and operating system that offers Data Execution Protection (using hardware NX or XD bits) or the equivalent techniques that simulate this feature in software, such as PaX [REF-60] [REF-61]. These techniques ensure that any instruction executed is exclusively at a memory address that is part of the code segment. For more information on these techniques see D3-PSEP (Process Segment Executi…
Effectiveness: Defense in Depth
Examples (2)
In the code snippet below, an untrusted integer value is used to reference an object in an array.
public String getValue(int index) { return array[index]; }
Bad · Java
The following example takes a user-supplied value to allocate an array of objects and then operates on the array.
private void buildList ( int untrustedListSize ){ if ( 0 > untrustedListSize ){ die("Negative value supplied for list size, die evil hacker!"); } Widget[] list = new Widget [ untrustedListSize ]; list[0] = new Widget(); }
Bad · Java
CVE IDTitleCVSSSeverityPublished
CVE-2026-41643 GoBGP: Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE — gobgp 7.5 High2026-05-07
CVE-2026-40251 Incus out-of-bounds panic in snapshot metadata handling allows denial of service — incus 6.5AIMediumAI2026-05-06
CVE-2026-40886 Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows controller — argo-workflows 7.7 High2026-04-23
CVE-2026-6840 ONE 输入验证错误漏洞 — ONE 5.5 Medium2026-04-22
CVE-2026-40097 Step CA affected by an index out of bounds panic in TPM attestation EKU validation — certificates 3.7 Low2026-04-10
CVE-2026-34942 Wasmtime panics when transcoding misaligned utf-16 strings — wasmtime 7.7AIHighAI2026-04-09
CVE-2026-21413 Libraw 安全漏洞 — LibRaw 9.8 Critical2026-04-07
CVE-2026-33762 go-git: Missing validation decoding Index v4 files leads to panic — go-git 2.8 Low2026-03-31
CVE-2026-33281 Ella Core panics on invalid PDU Session IDs in NGAP messages — core 6.5 Medium2026-03-23
CVE-2026-33022 Tekton Pipelines: Controller can panic when setting long resolver names in TaskRun/PipelineRun — pipeline 6.5 Medium2026-03-20
CVE-2026-32937 free5GC CHF has Out-of-Bounds Slice Access that Leads to DoS — chf 6.5 -2026-03-20
CVE-2026-26933 Improper Validation of Array Index in Packetbeat Leading to Denial of Service — Packetbeat 5.7 Medium2026-03-19
CVE-2026-3083 GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability — GStreamer 9.8 -2026-03-13
CVE-2026-26932 Improper Validation of Array Index in Packetbeat Leading to Denial of Service — Packetbeat 5.7 Medium2026-02-26
CVE-2026-25882 Fiber has a Denial of Service Vulnerability via Route Parameter Overflow — fiber 7.5AIHighAI2026-02-24
CVE-2025-69248 free5GC has Array Index Out of Bounds in AMF Leading to Denial of Service — amf 7.5AIHighAI2026-02-23
CVE-2023-20601 AMD Graphics Driver 安全漏洞 — AMD Radeon™ PRO VII 5.5AIMediumAI2026-02-12
CVE-2026-2006 PostgreSQL missing validation of multibyte character length executes arbitrary code — PostgreSQL 8.8 High2026-02-12
CVE-2026-25518 cert-manager-controller DoS via Specially Crafted DNS Response — cert-manager 5.9 Medium2026-02-04
CVE-2026-25068 alsa-lib 1.2.15.2 Topology Decoder Heap-based Buffer Overflow — alsa-lib 6.5 -2026-01-29
CVE-2026-0529 Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers — Packetbeat 6.5 Medium2026-01-14
CVE-2026-0528 Improper Input Validation in Metricbeat Leading to Denial of Service — Metricbeat 6.5 Medium2026-01-13
CVE-2025-47393 Improper Validation of Array Index in Automotive Linux OS — Snapdragon 7.8 High2026-01-06
CVE-2025-15271 FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability — FontForge 7.8 -2025-12-31
CVE-2025-15270 FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability — FontForge 7.8 -2025-12-31
CVE-2025-66559 Taiko Alethia Pacaya inbox verification pointer corruption — taiko-mono 9.1AICriticalAI2025-12-04
CVE-2025-61915 OpenPrinting CUPS vulnerable to stack based out-of-bound write — cups 6.0 Medium2025-11-29
CVE-2025-0657 ALC WebCTRL Carrier i-Vu and Gen5 Controllers Array Index out-of-range — WebCtrl 7.5 -2025-11-27
CVE-2025-62372 vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs — vllm 7.5 -2025-11-21
CVE-2025-10158 Rsync: Out of bounds array access via negative index — rsync 4.3 Medium2025-11-18

Vulnerabilities classified as CWE-129 (对数组索引的验证不恰当) represent 182 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.