CWE-1077— Floating Point Comparison with Incorrect Operator
The code performs a comparison such as an equality test between two float (floating point) values, but it uses comparison operators that do not account for the possibility of loss of precision.— MITRE CWE catalog
5 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1077page 1 of 1
- CVE-2022-4293MEDIUMCVSS 5.5EG 5.52022-12-05
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
- CVE-2023-26590MEDIUMCVSS 6.2EG 6.22023-07-10
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.
- CVE-2023-32627MEDIUMCVSS 6.2EG 6.22023-07-10
A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.
- CVE-2023-4720MEDIUMCVSS 5.5EG 4.02023-09-01
Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.
- CVE-2025-55658MEDIUMCVSS 6.5EG 7.52026-06-09
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gf_opus_parse_packet_header function (media_tools/av_parsers.c). bThis vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
Map vulnerabilities like CWE-1077 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1077 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →