VYPR

CWE-595

Comparison of Object References Instead of Object Contents

VariantIncomplete

Description

The product compares object references instead of the contents of the objects themselves, preventing it from detecting equivalent objects.

For example, in Java, comparing objects using == usually produces deceptive results, since the == operator compares object references rather than values; often, this means that using == for strings is actually comparing the strings' references, not their values.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (1)

  • CVE-2022-4812Dec 28, 2022
    risk 0.00cvss epss 0.01

    Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.