CWE-1255

2 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-1255page 1 of 1

CVE-2024-25714CRITICALCVSS 9.8EG 9.1
2024-02-11
In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. (The fix uses gnutls_mem…
CVE-2024-39920MEDIUMCVSS 4.3EG 4.3
2024-07-03
The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system (to any server), when that client system is concurrently obtaining TCP data at…

Map vulnerabilities like CWE-1255 to your infrastructure

EchelonGraph correlates every CVE — across CWE-1255 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →