Détail du CWE-1176

CWE-1176

Inefficient CPU Computation
Incomplete
2019-01-03
00h00 +00:00
2023-10-26
00h00 +00:00
CWE Mitre.org
Notifications pour un CWE
Restez informé de toutes modifications pour un CWE spécifique.
Gestion des notifications

Nom: Inefficient CPU Computation

The product performs CPU computations using algorithms that are not as efficient as they could be for the needs of the developer, i.e., the computations can be optimized further.

Description du CWE

This issue can make the product perform more slowly, possibly in ways that are noticeable to the users. If an attacker can influence the amount of computation that must be performed, e.g. by triggering worst-case complexity, then this performance problem might introduce a vulnerability.

Informations générales

Modes d'introduction

Architecture and Design
Implementation

Conséquences courantes

Portée Impact Probabilité
AvailabilityDoS: Resource Consumption (CPU)
OtherReduce Performance

Exemples observés

Références Description

CVE-2022-37734

Chain: lexer in Java-based GraphQL server does not enforce maximum of tokens early enough (CWE-696), allowing excessive CPU consumption (CWE-1176)

Notes de cartographie des vulnérabilités

Justification : This CWE entry is a Class and might have Base-level children that would be more appropriate
Commentaire : Examine children of this entry to see if there is a better fit

Références

REF-1008

Computational complexity theory)
Wikipedia.
https://en.wikipedia.org/wiki/Computational_complexity_theory

Soumission

Nom Organisation Date Date de publication Version
CWE Content Team MITRE 2019-01-03 +00:00 2019-01-03 +00:00 3.2

Modifications

Nom Organisation Date Commentaire
CWE Content Team MITRE 2020-02-24 +00:00 updated Relationships
CWE Content Team MITRE 2023-01-31 +00:00 updated Description
CWE Content Team MITRE 2023-04-27 +00:00 updated Relationships
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes
CWE Content Team MITRE 2023-10-26 +00:00 updated Observed_Examples