CWE-158 - Improper Neutralization of Null Byte or NUL Character

Description

The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes NUL characters or null bytes when they are sent to a downstream component.

Latest vulnerabilities for CWE-158

Improper Neutralization of Null Byte or NUL Character in Red Lion Crimson 2023-11-03
High Yes

Multiple vulnerabilities in Dell PowerStore Family 2023-08-17
High Yes

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server 2022-07-07
Medium Yes

Multiple vulnerabilities in Phicomm Routers 2022-03-09
Medium No

Improper neutralization of null byte or NUL Character in IBM Cloud Automation Manager 2021-12-22
Medium Yes

Multiple vulnerabilities in MongoDB 2020-11-25
Medium Yes

Multiple vulnerabilities in Secomea GateManager 2020-07-29
High Yes

References

Description of CWE-158 on Mitre website