Category: Numeric Errors
Draft
Summary
Weaknesses in this category are related to improper calculation or conversion of numbers.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-128 | Wrap-around Error | A wrap-around error happens when a variable exceeds the maximum value its data type can hold, causing it to unexpectedly reset to a very small, negative, or undefined number instead of increasing further. |
| CWE-1335 | Incorrect Bitwise Shift of Integer | This vulnerability occurs when a program attempts to shift an integer's bits by an invalid amount—either a negative number or a value equal to or greater than the integer's bit width (e.g., shifting a 32-bit integer by 32 or more places). This leads to unpredictable and platform-dependent results. |
| CWE-1339 | Insufficient Precision or Accuracy of a Real Number | This vulnerability occurs when a program uses a data type or algorithm that cannot accurately represent or calculate the fractional part of a real number, leading to incorrect results in security-critical operations. |
| CWE-1389 | Incorrect Parsing of Numbers with Different Radices | This vulnerability occurs when software processes numeric input expecting standard decimal numbers (base 10), but fails to handle inputs formatted in other bases like octal or hexadecimal. This mismatch leads to the system interpreting the same digits as a completely different numeric value. |
| CWE-190 | Integer Overflow or Wraparound | Integer overflow or wraparound occurs when a calculation produces a numeric result that exceeds the maximum value a variable can hold. Instead of increasing as expected, the value wraps around to a very small or negative number, breaking the program's logic. |
| CWE-191 | Integer Underflow (Wrap or Wraparound) | Integer underflow occurs when a subtraction operation results in a value smaller than the data type's minimum limit, causing the value to wrap around to a large, incorrect number. |
| CWE-193 | Off-by-one Error | An off-by-one error occurs when a program incorrectly calculates a boundary, such as a loop counter or array index, by being one unit too high or too low. This often leads to buffer overflows, memory corruption, or unexpected program behavior. |
| CWE-369 | Divide By Zero | A divide-by-zero error occurs when software attempts to perform a division operation where the denominator is zero. |
| CWE-681 | Incorrect Conversion between Numeric Types | This vulnerability occurs when a program converts a value from one numeric type to another (like a 64-bit integer to a 32-bit integer) and the conversion loses or misinterprets data. If these corrupted values are later used in security-critical operations—like calculating buffer sizes, checking permissions, or performing financial transactions—they can lead to crashes, incorrect behavior, or security bypasses. |
| CWE-839 | Numeric Range Comparison Without Minimum Check | This vulnerability occurs when software validates that a number is within an acceptable range by only checking that it's less than or equal to a maximum value, but fails to also verify that it is greater than or equal to a required minimum. This oversight can allow negative or otherwise invalid low values to pass the check, leading to unexpected behavior. |
| CWE-699 | Software Development | This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development lifecycle including both architecture and implementation. Accordingly, this view can align closely with the perspectives of architects, developers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves [REF-1287]. This CWE ID may have become widely-used because of NIST's usage in NVD from 2008 to 2016 (see CWE-635 view, updated to the CWE-1003 view in 2016).
Comment:
Most number-handling issues are probably descendants under Incorrect Calculation (CWE-682) or Incorrect Conversion between Numeric Types (CWE-681).