CWE-234: Failure to Handle Missing Parameter
low-riskIf too few arguments are sent to a function, the function will still pop the expected number of arguments from the stack. Potentially, a variable number of arguments could be exhausted in a function as well.
Abstraction: Variant
Common Consequences
Integrity
→
Execute Unauthorized Code or Commands
Availability
→
DoS: Crash, Exit, or Restart
Real-World Examples (2)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2022-20933 | 8.6 | 0.5% | — |
| CVE-2023-46316 | 5.5 | 0.0% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal