CWE-1254
5 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-1254
- CVE-2013-10031 | HIGH | CVSS 7.5 | EG 7.5 | 2025-12-09
Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks
- CVE-2022-39308 | MEDIUM | CVSS 6.5 | EG 6.5 | 2022-10-14
GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions from 19.2.0 to 19.10.0 (inclusive) are subject to a timing attack in validatio…
- CVE-2026-28929 | HIGH | CVSS 7.5 | EG 7.5 | 2026-05-11
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Replying to an email could display remote images in Mail in Lockdown Mode.
- CVE-2026-34570 | HIGH | CVSS 8.8 | EG 8.8 | 2026-04-01
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when …
- CVE-2026-34572 | HIGH | CVSS 8.8 | EG 8.8 | 2026-04-01
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when …