
CWE-182 (Collapse of Data into Unsafe Value) — Vulnerability Class 1

1 vulnerability classified as CWE-182 (Collapse of Data into Unsafe Value). AI Chinese analysis included.

CWE-182 is a data-handling weakness in which an input filter inadvertently reduces, or "collapses", data into an unsafe value, violating an expected security property. The flaw typically arises when a sanitization step is overly aggressive or incorrectly implemented: it strips characters or normalizes data in a way that produces a dangerous value only after the check has run, so the value bypasses validation. Attackers exploit this by crafting inputs that look harmless to the filter but are collapsed by it into the very value the filter was meant to block, which can enable injection attacks or privilege escalation. Developers can prevent this by ensuring that filtering logic preserves data integrity while strictly enforcing security constraints. Allow-list validation, well-tested encoding libraries, and thorough threat modeling help identify the edge cases where such a collapse might occur. Regular code review and automated security testing further ensure that filtering does not introduce vulnerabilities by altering the semantic meaning of the processed data.

MITRE CWE Description
The product filters data in a way that causes it to be reduced or "collapsed" into an unsafe value that violates an expected security property.

Common Consequences (1)
Access Control: Bypass Protection Mechanism

Mitigations (4)
Architecture and Design: Avoid making decisions based on names of resources (e.g. files) if those resources can have alternate names.
Implementation: Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
Implementation: Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
Canonicalize the name to match that of the file system's representation of the name. This can sometimes be achieved with an available API (e.g. in Win32 the GetFullPathName function).
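The following is an added illustration of the weakness described above and of the "decode once, canonicalize, then validate" mitigation; it is example code written for this page, not code from MITRE or from any product listed here. It contrasts a single-pass deny-list filter, which collapses a constructed input such as "....//secret.txt" into the "../" it was meant to remove, with a resolver that decodes exactly once, canonicalizes the path, and then checks the canonical value against an allow-list. The base directory, the allow-list pattern and all sample inputs are assumptions constructed for the example; nothing touches the real file system.

```python
import posixpath
import re
from typing import Optional
from urllib.parse import unquote

# Constructed base directory for this example; nothing is read from disk.
BASE_DIR = "/srv/app/uploads"

# Assumed allow-list for one path component: starts with a letter or digit and
# contains only letters, digits, '.', '_' and '-'.
SAFE_COMPONENT = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,254}")


def naive_filter(path: str) -> str:
    """The CWE-182 pattern: a single-pass deny-list filter that removes '../'.

    The removal is not repeated and the result is never re-validated, so an
    input with no '../' before filtering can contain one after it.
    """
    return path.replace("../", "")


def naive_resolve(user_path: str) -> str:
    """Vulnerable resolution: filter, then decode, then trust the result.

    The ordering is also the one CWE-180 warns about: decoding after the
    check lets an encoded '..' slip past the filter. normpath stands in for
    what the file system would do with the '..' components.
    """
    filtered = naive_filter(user_path)
    decoded = unquote(filtered)
    return posixpath.normpath(posixpath.join(BASE_DIR, decoded))


def hardened_resolve(user_path: str) -> Optional[str]:
    """Decode exactly once, canonicalize, then validate the canonical form.

    Returns the canonical absolute path, or None when the input does not
    strictly conform (it escapes BASE_DIR or uses a component that is not on
    the allow-list). Doubly encoded input is rejected rather than decoded
    again (CWE-174).
    """
    decoded = unquote(user_path)  # decode once, never twice
    candidate = posixpath.normpath(posixpath.join(BASE_DIR, decoded))
    # Containment is checked on the canonical value, not on the raw input.
    if posixpath.commonpath([BASE_DIR, candidate]) != BASE_DIR:
        return None
    relative = posixpath.relpath(candidate, BASE_DIR)
    if relative == ".":  # the bare base directory is not a valid file target
        return None
    for component in relative.split("/"):
        if not SAFE_COMPONENT.fullmatch(component):
            return None
    return candidate


def escapes_base(resolved: str) -> bool:
    """True when an already-resolved path lies outside BASE_DIR."""
    return posixpath.commonpath([BASE_DIR, resolved]) != BASE_DIR


if __name__ == "__main__":
    # Constructed sample inputs: one benign, one that collapses under the
    # naive filter, one singly encoded and one doubly encoded.
    samples = [
        "reports/q1.txt",
        "....//secret.txt",
        "%2e%2e/secret.txt",
        "%252e%252e/secret.txt",
    ]
    for sample in samples:
        naive = naive_resolve(sample)
        print(f"{sample!r:26} naive -> {naive} (escapes={escapes_base(naive)})"
              f"  hardened -> {hardened_resolve(sample)}")
```

Running the block prints how "....//secret.txt" is collapsed by the naive filter into "../secret.txt" and resolves to /srv/app/secret.txt, outside the base directory, while the hardened resolver rejects it, rejects the singly and doubly encoded forms, and accepts only the benign path. The design point is that the security decision is made on the canonical value after a single decode, and that the check is an allow-list on what the result must look like rather than a deny-list on what the input must not contain.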
CVE ID | Title | CVSS | Severity | Published
CVE-2020-7921 | Administrative action may disable enforcement of per-user IP whitelisting — MongoDB Server | 4.6 | Medium | 2020-05-06

Vulnerabilities classified as CWE-182 (Collapse of Data into Unsafe Value) account for 1 CVE. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.