CWE-789: Memory Allocation with Excessive Size Value

ID CWE-789
Abstraction Variant
Structure Simple
Status Draft
Number of CVEs 41
The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

Modes of Introduction

Phase Note
Implementation

Applicable Platforms

Type Class Name Prevalence
Language C
Language C++
Language Not Language-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-770 Allocation of Resources Without Limits or Throttling Base Simple Incomplete
CWE-1000 Research Concepts Draft CWE-476 NULL Pointer Dereference Base Simple Stable

CVEs Published

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date
Loading...
Loading...