CWE-428: Unquoted Search Path or Element
low-riskThe product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Abstraction: Base
Common Consequences
Confidentiality
→
Execute Unauthorized Code or Commands
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2023-38408 | 9.8 | 64.4% | — |
| CVE-2023-38408 | 9.8 | 64.4% | — |
| CVE-2020-15261 | 8.0 | 8.1% | — |
| CVE-2017-3141 | 7.2 | 3.1% | — |
| CVE-2024-43457 | 7.8 | 2.7% | — |
| CVE-2017-9644 | 7.0 | 1.6% | — |
| CVE-2017-9644 | 7.0 | 1.6% | — |
| CVE-2023-31747 | 7.8 | 1.0% | — |
| CVE-2023-31747 | 7.8 | 1.0% | — |
| CVE-2022-36344 | 9.8 | 0.7% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal