Description

The product performs CPU computations using algorithms that are not as efficient as they could be for the needs of the developer, i.e., the computations can be optimized further.

Extended Description

This issue can make the product perform more slowly, possibly in ways that are noticeable to the users. If an attacker can influence the amount of computation that must be performed, e.g. by triggering worst-case complexity, then this performance problem might introduce a vulnerability.

---

ThreatScore

Threat Mapped score: 0.0

Industry: Finiancial

Threat priority: Unclassified

---

Observed Examples (CVEs)

• CVE: CVE-2022-37734

  Chain: lexer in Java-based GraphQL server does not enforce maximum of tokens early enough (CWE-696), allowing excessive CPU consumption (CWE-1176)

Related Attack Patterns (CAPEC)

N/A

---

Attack TTPs

N/A

Modes of Introduction

Phase	Note
Architecture and Design	N/A
Implementation	N/A

Common Consequences

Potential Mitigations

Applicable Platforms

• None listed.

---

Demonstrative Examples

N/A

Notes

← Back to CWE list