Description
The product validates input before applying protection mechanisms that modify the input, which could allow an attacker to bypass the validation via dangerous inputs that only arise after the modification.
Extended Description
Product needs to validate data at the proper time, after data has been canonicalized and cleansed. Early validation is susceptible to various manipulations that result in dangerous inputs that are produced by canonicalization and cleansing.
CVE vulnerabilities with CWE-179 (7)
8.8
CVSS
HIGH
CVE-2022-1271
pub. 2022-08-31
7.8
CVSS
HIGH
CVE-2026-49414
pub. 2026-06-27
7.8
CVSS
HIGH
CVE-2026-32305
pub. 2026-03-20
7.5
CVSS
HIGH
CVE-2026-25223
pub. 2026-02-03
7.3
CVSS
HIGH
CVE-2024-41686
pub. 2024-07-26
5.5
CVSS
MEDIUM
CVE-2025-4759
pub. 2025-05-16
3.7
CVSS
LOW
CVE-2026-3832
pub. 2026-04-30