Weakness Type

CWE-130

All CVE vulnerabilities classified under this weakness type.

View on MITRE CWE

Total CVEs

Critical

In KEV

With Exploits

CVE-2021-3454

4.3MEDIUM

Truncated L2CAP K-frame causes assertion failure. Zephyr versions >= 2.4.0, >= v.2.50 contain Improper Handling of Length Parameter Inconsistency (CWE-130), Reachable Assertion (CWE-617). For more inf

Truncated L2CAP K-frame causes assertion failure. Zephyr versions >= 2.4.0, >= v.2.50 contain Improper Handling of Length Parameter Inconsistency (CWE-130), Reachable Assertion (CWE-617). For more inf...

10/19/2021CWE-130, CWE-617 +1

CVE-2020-10065

3.8LOW

Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Length Parameter Inconsistency (CWE-130). For more information, see https://github.com

Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Length Parameter Inconsistency (CWE-130). For more information, see https://github.com...

5/25/2021CWE-130, CWE-787

Parameters are not validated or sanitized, and are later used in various internal operations.

9/19/2025CWE-130

CWE-130

CVE-2021-3454

Truncated L2CAP K-frame causes assertion failure. Zephyr versions >= 2.4.0, >= v.2.50 contain Improper Handling of Length Parameter Inconsistency (CWE-130), Reachable Assertion (CWE-617). For more inf

CVE-2020-10065

Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Length Parameter Inconsistency (CWE-130). For more information, see https://github.com

CVE-2024-20685

Azure Private 5G Core Denial of Service Vulnerability

CVE-2025-10458

Parameters are not validated or sanitized, and are later used in various internal operations.