CWE-681β€”Incorrect Conversion between Numeric Types

PUBLISHEDweakness recordHigh
released 2008-04-11 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-681
Abstraction:
Base
Structure:
Simple
Status:
Draft
Release Date:
2008-04-11
Latest Modification Date:
2025-12-11

Weakness Name

Incorrect Conversion between Numeric Types

Description

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

Common Consequences

Scope:
Other, Integrity
Impact:
Unexpected State, Quality Degradation
Notes:
The program could wind up using the wrong number and generate incorrect results. If the number is used to allocate resources or make a security decision, then this could introduce a vulnerability.

Related Weaknesses