CWE-172 - Encoding Error

Home/CWEs/CWE info/

CWE-172

Abstraction:
Class

Structure:
Simple

Status:
Draft

Weakness Name: Encoding Error

Description: The product does not properly encode or decode the data, resulting in unexpected values.

Common Consequences: Scope: Integrity
Impact: Unexpected State

Related Weaknesses

CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')High

CWE-707Improper Neutralization

CWE-41Improper Resolution of Path Equivalence

Release Date:
2006-07-19

Latest Modification Date:
2023-10-26

Latest Security News

Microsoft disrupts ONNX phishing-as-a-service infrastructure

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

US seizes PopeyeTools cybercrime marketplace, charges administrators

Fortinet VPN design flaw hides successful brute-force attacks

10 Most Impactful PAM Use Cases for Enhancing Organizational Security

North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs

Cyber Story Time: The Boy Who Cried "Secure!"

Common Alerts

InformationalCookie Poisoning

LowOld Asp.Net Version in Use

HighCross Site Scripting (Reflected)

LowStrict-Transport-Security Max-Age Malformed (Non-compliant with Spec)

LowStrict-Transport-Security Malformed Content (Non-compliant with Spec)

MediumVulnerable JS Library

InformationalCross Site Scripting (Persistent) - Prime

InformationalContent-Type Header Missing

InformationalSec-Fetch-User Header is Missing

InformationalSec-Fetch-Mode Header is Missing

Latest CVE List

CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability

CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability

CVE-2024-21287 Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability

CVE-2024-38812 VMware vCenter Server Heap-Based Buffer Overflow Vulnerability

CVE-2024-38813 VMware vCenter Server Privilege Escalation Vulnerability

CVE-2024-1212 Progress Kemp LoadMaster OS Command Injection Vulnerability

CVE-2024-0012 Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability

CVE-2024-9474 Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability

CVE-2024-9463 Palo Alto Networks Expedition OS Command Injection Vulnerability

CVE-2024-9465 Palo Alto Networks Expedition SQL Injection Vulnerability

Common CWEs

CWE-431 Missing Handler

HighCWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax

CWE-833 Deadlock

CWE-446 UI Discrepancy for Security Feature

CWE-386 Symbolic Name not Mapping to Correct Object

CWE-15 External Control of System or Configuration Setting

CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-224 Obscured Security-relevant Information by Alternate Name

CWE-528 Exposure of Core Dump File to an Unauthorized Control Sphere

CWE-1124 Excessively Deep Nesting

Free security scan for your website

Don't show website scan report rating on the leaderboard

CWE-172 - Encoding Error

The product does not properly encode or decode the data, resulting in unexpected values.