CVEbaza.plSłownik CWECWE-1077
Common Weakness Enumeration

CWE-1077

Floating Point Comparison with Incorrect Operator

Kategoria: VariantCVE: 5
Opis

Kod wykonuje porównanie, takie jak test równości między dwiema wartościami zmiennoprzecinkowymi (float), ale używa operatorów porównania, które nie uwzględniają możliwości utraty precyzji. Może to prowadzić do nieprawidłowych wyników ze względu na błędy zaokrąglenia zmiennoprzecinkowego.

Description (EN)

The code performs a comparison such as an equality test between two float (floating point) values, but it uses comparison operators that do not account for the possibility of loss of precision.

Podatności CVE z CWE-1077 (5)
6.5
CVSS
MEDIUM
CVE-2025-55658

GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gf_opus_parse_packet_header function (media_tools/av_parsers.c). bThis vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

pub. 2026-06-09
6.2
CVSS
MEDIUM
CVE-2023-26590

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

pub. 2023-07-10
6.2
CVSS
MEDIUM
CVE-2023-32627

A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.

pub. 2023-07-10
5.5
CVSS
MEDIUM
CVE-2023-4720

Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.

pub. 2023-09-01
5.5
CVSS
MEDIUM
CVE-2022-4293

Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.

pub. 2022-12-05
Informacje
ID: CWE-1077
Typ: Variant
Podatności: 5
MITRE CWE ↗
← Słownik CWE