CWE-192
Integer Coercion Error
Integer coercion refers to a set of flaws pertaining to the type casting, extension, or truncation of primitive data types.
CVE-2014-125011 (GCVE-0-2014-125011)
Vulnerability from cvelistv5
Published
2022-06-18 06:15
Modified
2025-04-15 14:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-192 - Integer Coercion Error
Summary
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| unspecified | FFmpeg |
Version: 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d42ec8433c687fcbccefa51a7716d81920218e4f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12391"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2014-125011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:58:07.164242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:22:34.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-192",
"description": "CWE-192 Integer Coercion Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:15:58.000Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d42ec8433c687fcbccefa51a7716d81920218e4f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12391"
}
],
"title": "FFmpeg ansi.c decode_frame integer coercion",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125011",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg ansi.c decode_frame integer coercion"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-192 Integer Coercion Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d42ec8433c687fcbccefa51a7716d81920218e4f",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d42ec8433c687fcbccefa51a7716d81920218e4f"
},
{
"name": "https://vuldb.com/?id.12391",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12391"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125011",
"datePublished": "2022-06-18T06:15:58.000Z",
"dateReserved": "2022-06-17T00:00:00.000Z",
"dateUpdated": "2025-04-15T14:22:34.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-125012 (GCVE-0-2014-125012)
Vulnerability from cvelistv5
Published
2022-06-18 06:16
Modified
2025-04-15 14:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-192 - Integer Coercion Error
Summary
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| unspecified | FFmpeg |
Version: 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=a392bf657015c9a79a5a13adfbfb15086c1943b9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.12390"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2014-125012",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:58:02.913432Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:22:27.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "unspecified",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mateusz Jurczyk/Gynvael Coldwind"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-192",
"description": "CWE-192 Integer Coercion Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-18T06:16:00.000Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=a392bf657015c9a79a5a13adfbfb15086c1943b9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.12390"
}
],
"title": "FFmpeg dxtroy.c integer coercion",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2014-125012",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "FFmpeg dxtroy.c integer coercion"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FFmpeg",
"version": {
"version_data": [
{
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": ""
}
]
}
},
"credit": "Mateusz Jurczyk/Gynvael Coldwind",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-192 Integer Coercion Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=a392bf657015c9a79a5a13adfbfb15086c1943b9",
"refsource": "MISC",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=a392bf657015c9a79a5a13adfbfb15086c1943b9"
},
{
"name": "https://vuldb.com/?id.12390",
"refsource": "MISC",
"url": "https://vuldb.com/?id.12390"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125012",
"datePublished": "2022-06-18T06:16:00.000Z",
"dateReserved": "2022-06-17T00:00:00.000Z",
"dateUpdated": "2025-04-15T14:22:27.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32996 (GCVE-0-2021-32996)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2025-04-17 18:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-192 - INTEGER COERCION ERROR
Summary
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | FANUC | R-30iA, R-30iA Mate |
Version: v7 < |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:19.109Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-243-02"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-32996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T17:53:39.607407Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681 Incorrect Conversion between Numeric Types",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T18:48:35.554Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "R-30iA, R-30iA Mate",
"vendor": "FANUC",
"versions": [
{
"lessThanOrEqual": "v7.70",
"status": "affected",
"version": "v7",
"versionType": "custom"
}
]
},
{
"product": "R-30iB, R-30iB Mate, R-30iB Compact",
"vendor": "FANUC",
"versions": [
{
"lessThanOrEqual": "v8.36",
"status": "affected",
"version": "v8",
"versionType": "custom"
}
]
},
{
"product": "R-30iB Plus, R-30iB Mate Plus, R-30iB Compact Plus, R-30iB Mini Plus",
"vendor": "FANUC",
"versions": [
{
"lessThanOrEqual": "v9.40",
"status": "affected",
"version": "V9",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-192",
"description": "CWE-192 INTEGER COERCION ERROR",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:08.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-243-02"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-12-07T17:00:00.000Z",
"ID": "CVE-2021-32996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "R-30iA, R-30iA Mate",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "v7",
"version_value": "v7.70"
}
]
}
},
{
"product_name": "R-30iB, R-30iB Mate, R-30iB Compact",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "v8",
"version_value": "v8.36"
}
]
}
},
{
"product_name": "R-30iB Plus, R-30iB Mate Plus, R-30iB Compact Plus, R-30iB Mini Plus",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "V9",
"version_value": "v9.40"
}
]
}
}
]
},
"vendor_name": "FANUC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-192 INTEGER COERCION ERROR"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-243-02",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-243-02"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-32996",
"datePublished": "2022-01-07T22:39:08.821Z",
"dateReserved": "2021-05-13T00:00:00.000Z",
"dateUpdated": "2025-04-17T18:48:35.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2639 (GCVE-0-2022-2639)
Vulnerability from cvelistv5
Published
2022-09-01 20:32
Modified
2024-08-03 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-192 - ->CWE-787
Summary
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:46:03.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084479"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/cefa91b2332d7009bc0be5d951d6cbbf349f90f8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.18"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-192",
"description": "CWE-192-\u003eCWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-01T20:32:54",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084479"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/cefa91b2332d7009bc0be5d951d6cbbf349f90f8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-2639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.18"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-192-\u003eCWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2084479",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084479"
},
{
"name": "https://github.com/torvalds/linux/commit/cefa91b2332d7009bc0be5d951d6cbbf349f90f8",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/cefa91b2332d7009bc0be5d951d6cbbf349f90f8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-2639",
"datePublished": "2022-09-01T20:32:54",
"dateReserved": "2022-08-03T00:00:00",
"dateUpdated": "2024-08-03T00:46:03.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Requirements
Description:
- A language which throws exceptions on ambiguous data casts might be chosen.
Mitigation
Phase: Architecture and Design
Description:
- Design objects and program flow such that multiple or complex casts are unnecessary
Mitigation
Phase: Implementation
Description:
- Ensure that any data type casting that you must used is entirely understood in order to reduce the plausibility of error in use.
No CAPEC attack patterns related to this CWE.