Falhas do tipo CWE-1254
6 resultadosCVE-2022-39308MEDIUMGoCD API authentication of user access tokens subject to timing attack during comparisonEPSS 0.6%CVE-2026-34572HIGHCI4MS: Account Deactivation Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw)EPSS 0.5%CVE-2026-34570HIGHCI4MS: Account Deletion Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw)EPSS 0.5%CVE-2026-28929HIGHA logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14EPSS 0.4%CVE-2013-10031HIGHPlack::Middleware::Session versions before 0.17 for Perl may be vulnerable to HMAC comparison timing attacksEPSS 0.2%CVE-2026-27007MEDIUMOpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreationEPSS 0.2%