CWE-237 4 個 CVE MITRE 定義 ↗

CWE-237:Improper Handling of Structural Elements

概覽

CWE-237(Improper Handling of Structural Elements)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

The product does not handle or incorrectly handles inputs that are related to complex structures.

適用平台

類型 名稱 普遍性 OS / CPE
language Not Language-Specific Undetermined

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2026-45411 2026-05-13 vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.3, it is possible to catch a host exception using the yield* expression inside an async generator. When the generator is closed using the re…
CVE-2025-24336 2025-01-30 SXF Common Library handles input data improperly. If a product using the library reads a crafted file, the product may be crashed.
CVE-2023-6110 2024-11-17 A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
CVE-2023-34429 2023-07-19 Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token.

曾用名

  • Element Problems (2009-03-10)

內容提交

名稱
PLOVER
日期
2006-07-19
版本
Draft 3

內容修訂

日期 名稱 版本 重要性 評論
2008-09-08 CWE Content Team 1.0 updated Relationships, Taxonomy_Mappings
2009-03-10 CWE Content Team 1.3 updated Description, Name
2011-06-01 CWE Content Team 1.13 updated Common_Consequences
2011-06-27 CWE Content Team 2.0 updated Common_Consequences
2012-05-11 CWE Content Team 2.2 updated Relationships
2013-07-17 CWE Content Team 2.5 updated Type
2014-07-30 CWE Content Team 2.8 updated Relationships
2020-02-24 CWE Content Team 4.0 updated Relationships
2023-01-31 CWE Content Team 4.10 updated Description
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-12-11 CWE Content Team 4.19 updated Applicable_Platforms, Demonstrative_Examples, Time_of_Introduction, Weakness_Ordinalities
cvelogic Threat Intelligence