CWE-179: Incorrect Behavior Order: Early Validation
low-riskThe product validates input before applying protection mechanisms that modify the input, which could allow an attacker to bypass the validation via dangerous inputs that only arise after the modification.
Abstraction: Base
Common Consequences
Access Control
→
Bypass Protection Mechanism
Real-World Examples (3)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2022-1271 | 8.8 | 0.8% | — |
| CVE-2025-4759 | 8.3 | 0.2% | — |
| CVE-2024-41686 | 3.3 | 0.0% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal