CWE-1255
3 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1255page 1 of 1
- CVE-2024-25714CRITICALCVSS 9.8EG 9.12024-02-11
In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. (The fix uses gnutls_mem…
- CVE-2024-39920MEDIUMCVSS 4.3EG 4.32024-07-03
The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system (to any server), when that client system is concurrently obtaining TCP data at…
- CVE-2025-3301LOWCVSS 1.0EG 0.02025-04-29
DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in expos…
Map vulnerabilities like CWE-1255 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1255 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →