CWE-372 is a common weakness enumeration in software security. This database tracks 5 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-372?

There are 5 CVE vulnerabilities classified as CWE-372 with an average CVSS score of 7.42.

What is the severity distribution for CWE-372?

CWE-372 contains 1 critical, 2 high, 2 medium, and 0 low severity vulnerabilities.

CWE-372

Total CVEs

Vulnerabilities

Avg CVSS v3

7.4

High

Avg CVSS v2

5.3

Medium

Latest CVE

2024

Most Recent

Severity Distribution

Critical 1

20%

High 2

40%

Medium 2

40%

Low 0

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (5)

Page 1 of 1

CVE-2024-22590

CRITICAL

CVSS:9.1(Critical)

The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connectio...

CWE-3722024

CVE-2023-4012

HIGH

CVSS:7.5(High)

ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).

CWE-3722023

CVE-2020-27222

HIGH

CVSS:7.5(High)

In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong intern...

CWE-3722020

CVE-2023-36834

MEDIUM

CVSS:6.5(Medium)

An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allows an adjacent attacker to cause a Denial ...

CWE-3722023

CVE-2021-25735

MEDIUM

CVSS:6.5(Medium)

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admi...

CWE-3722021