CVEbaza.plSłownik CWECWE-597
Common Weakness Enumeration

CWE-597

Use of Wrong Operator in String Comparison

Kategoria: VariantCVE: 3
Opis

Produkt używa niewłaściwego operatora podczas porównywania stringów, na przykład operator "==" zamiast metody .equals(). Może to prowadzić do nieprawidłowych wyników porównania i błędów logicznych w programie.

Description (EN)

The product uses the wrong operator when comparing a string, such as using "==" when the .equals() method should be used instead.

Podatności CVE z CWE-597 (3)
9.8
CVSS
CRITICAL
CVE-2021-3797

hestiacp is vulnerable to Use of Wrong Operator in String Comparison

pub. 2021-09-15
5.9
CVSS
MEDIUM
CVE-2022-36072

SilverwareGames.io is a social network for users to play video games online. In version 1.1.8 and prior, due to an unobvious feature of PHP, hashes generated by built-in functions and starting with the `0e` symbols were being handled as zero multiplied with the `e` number. Therefore, the hash value was equal to 0. The maintainers fixed this in version 1.1.9 by using `===` instead of `==` in comparisons where it is possible (e.g. on sign in/sign up handlers).

pub. 2022-09-06
5.0
CVSS
MEDIUM
CVE-2021-4259

A vulnerability was found in phpRedisAdmin up to 1.16.1. It has been classified as problematic. This affects the function authHttpDigest of the file includes/login.inc.php. The manipulation of the argument response leads to use of wrong operator in string comparison. Upgrading to version 1.16.2 is able to address this issue. The name of the patch is 31aa7661e6db6f4dffbf9a635817832a0a11c7d9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216267.

pub. 2022-12-19
Informacje
ID: CWE-597
Typ: Variant
Podatności: 3
MITRE CWE ↗
← Słownik CWE