目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CWE-241 非预期数据类型处理不恰当 类漏洞列表 27

CWE-241 非预期数据类型处理不恰当 类弱点 27 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-241属于输入验证缺陷,指程序未正确处理非预期数据类型。攻击者常通过注入字母、符号等非法字符,诱导系统执行错误逻辑或引发崩溃,进而可能导致拒绝服务或代码执行。开发者应实施严格的类型检查与输入过滤,确保数据符合预期格式,并在处理前进行标准化转换,从而有效防御此类漏洞。

MITRE CWE 官方描述
CWE:CWE-241 意外数据类型处理不当 英文:当某个元素不是预期类型时,产品未进行处理或处理不当,例如,产品预期接收一个数字(0-9),但实际接收到的是一个字母(A-Z)。
常见影响 (1)
Integrity, OtherVaries by Context, Unexpected State
缓解措施 (2)
ImplementationAssume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
ImplementationInputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
CVE ID标题CVSS风险等级Published
CVE-2025-66550 Nextcloud Calendar 安全漏洞 — security-advisories 5.7 Medium2025-12-05
CVE-2024-21935 AMD Instinct MI300X accelerators 安全漏洞 — AMD Instinct™ MI300X 5.0 Medium2025-09-23
CVE-2024-21927 AMD Instinct MI300X accelerators 安全漏洞 — AMD Instinct™ MI300X 5.0 Medium2025-09-23
CVE-2025-7339 on-headers 安全漏洞 — on-headers 3.4 Low2025-07-17
CVE-2025-2268 HP LaserJet MFP M232-M237 Printer Series 安全漏洞 — HP LaserJet MFP M232-M237 Printer Series 7.5 -2025-03-14
CVE-2025-1004 Hp LaserJet Pro Printer 安全漏洞 — Certain HP LaserJet Pro Printers 7.5 -2025-02-06
CVE-2024-9423 HP LaserJet Printers 安全漏洞 — Certain HP LaserJet Printers 5.3 Medium2024-10-02
CVE-2024-37316 Nextcloud 安全漏洞 — security-advisories 4.6 Medium2024-06-14
CVE-2024-25966 Dell PowerScale OneFS 安全漏洞 — PowerScale OneFS 5.3 Medium2024-05-14
CVE-2024-0151 ARM Cortex-M Security Extensions 安全漏洞 — Arm v8-M Security Extensions Requirements on Development Tools 8.1AIHighAI2024-04-24
CVE-2023-30591 NodeBB 代码问题漏洞 — NodeBB 7.5 High2023-09-29
CVE-2023-5215 libnbd 安全漏洞 — Red Hat Enterprise Linux 9 5.3 Medium2023-09-28
CVE-2023-28961 Juniper Networks Junos OS 安全漏洞 — Junos OS 5.8 Medium2023-04-17
CVE-2022-22219 Juniper Networks Junos OS和Junos OS Evolved 安全漏洞 — Junos OS 5.9 Medium2022-10-18
CVE-2022-39064 IKEA TRÅDFRI smart lighting 安全漏洞 — TRÅDFRI smart lighting system 8.1 -2022-10-14
CVE-2022-39065 IKEA TRÅDFRI smart lighting 安全漏洞 — TRÅDFRI gateway system 6.5 -2022-10-14
CVE-2022-3029 NLnet Labs Routinator 安全漏洞 — Routinator 7.5 -2022-09-13
CVE-2022-1642 Apple Swift 代码问题漏洞 — Swift Corelib-Foundation 7.5 -2022-06-16
CVE-2022-29181 Nokogiri 安全漏洞 — nokogiri 8.2 High2022-05-20
CVE-2022-20730 Cisco Firepower Threat Defense 安全漏洞 — Cisco Firepower Threat Defense Software 4.0 Medium2022-05-03
CVE-2022-22193 Juniper Networks Junos OS和Junos OS Evolved 安全漏洞 — Junos OS 5.5 Medium2022-04-14
CVE-2022-24668 swift-nio-http2 安全漏洞 — SwiftNIO HTTP2 7.5 -2022-02-09
CVE-2021-40116 Cisco Products Snort 安全漏洞 — Cisco Firepower Threat Defense Software 8.6 High2021-10-27
CVE-2021-39131 Github ced 输入验证错误漏洞 — ced 7.5 High2021-08-17
CVE-2021-32696 striptags 安全漏洞 — striptags 3.7 Low2021-06-18
CVE-2021-32655 Nextcloud 安全漏洞 — security-advisories 3.5 Low2021-06-01
CVE-2021-0243 Juniper Networks Junos OS 安全漏洞 — Junos OS 4.7 Medium2021-04-22

CWE-241(非预期数据类型处理不恰当) 是常见的弱点类别,本平台收录该类弱点关联的 27 条 CVE 漏洞。