1. Home
  2. Weaknesses
  3. CWE-155

CWE-155: Improper Neutralization of Wildcards or Matching Symbols

ID CWE-155
Abstraction Variant
Structure Simple
Status Draft
Number of CVEs 4
Detail Dashboard Vulnerabilities Web & Social
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as wildcards or matching symbols when they are sent to a downstream component.

As data is parsed, an injected element may cause the process to take unexpected actions.

Modes of Introduction

Phase Note
Implementation

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-138 Improper Neutralization of Special Elements Class Simple Draft

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date