CWE-1116
4 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-1116
- CVE-2022-30351 | HIGH | CVSS 7.5 | EG 7.5 | 2023-03-30
PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted informati…
- CVE-2022-48339 | HIGH | CVSS 7.8 | EG 9.8 | 2023-02-20
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. …
- CVE-2025-1219 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-03-30
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the ch…
- CVE-2025-47271 | MEDIUM | CVSS 6.3 | EG 0.0 | 2025-05-12
The OZI action is a GitHub Action that publishes releases to PyPI and mirror releases, signature bundles, and provenance in a tagged release. In versions 1.13.2 through 1.13.5, potentially untrusted data flows into PR creation logic. A mal…