CWE-595 - Comparison of Object References Instead of Object Contents

CWE-595

Abstraction:
Variant

Structure:
Simple

Status:
Incomplete

Weakness Name: Comparison of Object References Instead of Object Contents

Description: The product compares object references instead of the contents of the objects themselves, preventing it from detecting equivalent objects.
For example, in Java, comparing objects using == usually produces deceptive results, since the == operator compares object references rather than values; often, this means that using == for strings is actually comparing the strings' references, not their values.

Common Consequences: Scope: Other
Impact: Varies by Context
Notes: This weakness can lead to erroneous results that can cause unexpected application behaviors.

Related Weaknesses: CWE-1025Comparison Using Wrong Factors

Release Date:
2006-12-15

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard