CWE-617

Reachable Assertion

Parent: CWE-705 - Incorrect Control Flow Scoping

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

750 vulnerabilities with CWE-617
CVE-2019-9795 CRITICAL
Thunderbird <60.6-Firefox <66 - Memory Corruption
CVSS 9.8
CVE-2019-10894 HIGH
Wireshark 2.4.0-2.4.13, 2.6.0-2.6.7, 3.0.0 - Denial of Service in GSS-API Dissector
CVSS 7.5
CVE-2019-9211 MEDIUM
GNU PSPP 1.2.0 - Denial of Service via Reachable Assertion in write_long_string_missing_values
CVSS 6.5
CVE-2019-7697 MEDIUM
Bento4 v1.5.1-627 - Denial of Service via AP4_AtomListWriter Assertion Failure
CVSS 6.5
CVE-2019-7662 MEDIUM
Binaryen < 65 - Denial of Service via Crafted WASM File
CVSS 6.5
CVE-2019-6461 MEDIUM
cairo 1.16.0 - Reachable Assertion in _cairo_arc_in_direction
CVSS 6.5
CVE-2019-0003 MEDIUM
Junos OS DoS via BGP FlowSpec Configuration
CVSS 5.9
CVE-2018-5742 HIGH
RedHat bind-9.9.4-65.el7->9.9.4-72.el7 - Buffer Overflow
CVSS 7.5
CVE-2018-5735 HIGH
Debian Linux - Reachable Assertion in validator.c
CVSS 7.5
CVE-2018-5740 HIGH
BIND 9.7.0-9.13.2 - Reachable Assertion in deny-answer-aliases
CVSS 7.5
CVE-2018-5737 MEDIUM
BIND 9.12.0-9.12.1 - Reachable Assertion in rbtdb.c via Serve-Stale Feature
CVSS 5.9
CVE-2018-5736 MEDIUM
BIND <9.12.0-9.12.1 - Use After Free
CVSS 5.3
CVE-2018-5734 HIGH
BIND 9.10.5-S1-9.10.5-S4, 9.10.6-S1-9.10.6-S2 - Reachable Assertion in badcache.c
CVSS 7.5
CVE-2018-20217 MEDIUM
MIT Kerberos < 1.17 - Denial of Service via S4U2Self Request with Older Encryption Type
CVSS 5.3
CVE-2018-19963 HIGH
Xen 4.11 - Reachable Assertion in x86 IOREQ Server Resource Accounting
CVSS 7.8
CVE-2018-19539 MEDIUM
JasPer 2.0.14 - Denial of Service via jas_image_readcmpt Access Violation
CVSS 6.5
CVE-2018-12543 HIGH
Eclipse Mosquitto 1.5.0-1.5.2 - Denial of Service via Invalid Topic String
CVSS 7.5
CVE-2018-17231 HIGH
Telegram Desktop 1.3.14 - Denial of Service via Edit Color Palette Search
CVSS 7.5
CVE-2018-17205 HIGH
Open vSwitch 2.7.x-2.7.6 - Info Disclosure
CVSS 7.5
CVE-2018-17204 MEDIUM
Open vSwitch <2.7.6 - Info Disclosure
CVSS 4.3
CVE-2018-17096 MEDIUM
Olli Parviainen SoundTouch 2.0 - DoS
CVSS 6.5
CVE-2018-15822 HIGH
FFmpeg < 2.8 - Reachable Assertion in FLV Write Packet Function
CVSS 7.5
CVE-2018-14045 HIGH
Olli Parviainen SoundTouch 2.0 - DoS
CVSS 7.5
CVE-2018-14044 HIGH
Olli Parviainen SoundTouch 2.0 - DoS
CVSS 7.5
CVE-2018-13304 MEDIUM
FFmpeg 4.0.1 - Denial of Service via Crafted AVI to MPEG4 Conversion
CVSS 6.5
Details
Vulnerabilities 750
Links
MITRE CWE Entry Search this CWE With Exploits