CWE-147— Improper Neutralization of Input Terminators
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as input terminators when they are sent to a downstream component.— MITRE CWE catalog
5 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-147page 1 of 1
- CVE-2023-4393MEDIUMCVSS 6.1EG 5.42023-10-30
HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow an attacker to perform more advanced phishing attacks against an organization.
- CVE-2024-50349MEDIUMCVSS 4.7EG 4.72025-01-14
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using …
- CVE-2024-52006HIGHCVSS 7.5EG 7.52025-01-14
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information b…
- CVE-2024-52505MEDIUMCVSS 5.4EG 5.42024-11-14
matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging protocol. The provisioning API of the matrix-appservice-irc bridge up to version 3.0.2 contains a vulnerability which can lead to arbitrary IRC command execution as the…
- CVE-2025-7962HIGHCVSS 7.5EG 7.52025-07-21
In Jakarta Mail versions prior to 2.0.2 it is possible to perform an SMTP Injection by utilizing the \r and \n UTF-8 characters to separate different messages.
Map vulnerabilities like CWE-147 to your infrastructure
EchelonGraph correlates every CVE — across CWE-147 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →