CWE-234: Failure to Handle Missing Parameter

If too few arguments are sent to a function, the function will still pop the expected number of arguments from the stack. Potentially, a variable number of arguments could be exhausted in a function as well.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

High

Likelihood of exploit

Per MITRE

Variant

Abstraction

MITRE classification

Overview

CWE-234 (Failure to Handle Missing Parameter) is a variant-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

CWE-234: Failure to Handle Missing Parameter

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

Code examples

Illustrative examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-234?

What CVEs are caused by CWE-234?

How do you prevent CWE-234?

What are the consequences of CWE-234?

Is CWE-234 actively exploited?

References

Stay ahead of CWE-234

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

Code examples

Illustrative examples

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-234?

What CVEs are caused by CWE-234?

How do you prevent CWE-234?

What are the consequences of CWE-234?

Is CWE-234 actively exploited?

References

Stay ahead of CWE-234