CWEBaseDraft3 recent CVEs

CWE-1254Incorrect Comparison Logic Granularity

Description

The product's comparison logic is performed over a series of steps rather than across the entire string in one operation. If there is a comparison logic failure on one of these steps, the operation may be vulnerable to a timing attack that can result in the interception of the process for nefarious purposes.

[object Object]

Common consequences

Potential mitigations

Related CWEs

Recent CVEs classified under this CWE