CWE-240: Improper Handling of Inconsistent Structural Elements
low-riskThe product does not handle or incorrectly handles when two or more structural elements should be consistent, but are not.
Abstraction: Base
Common Consequences
Integrity
→
Varies by Context
Real-World Examples (4)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2021-31890 | 7.5 | 2.5% | — |
| CVE-2023-39915 | 7.5 | 0.3% | — |
| CVE-2023-39914 | 7.5 | 0.2% | — |
| CVE-2022-40957 | 6.5 | 0.2% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal