目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CWE-197 数值截断错误 类漏洞列表 39

CWE-197 数值截断错误 类弱点 39 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-197 数值截断错误属于数据转换漏洞,发生在将较大类型的数据强制转换为较小类型时,导致高位数据丢失。攻击者常利用此缺陷构造恶意输入,使截断后的值被用作缓冲区索引或循环迭代器,从而引发越界访问或逻辑绕过。开发者应避免隐式类型转换,在数据转换前进行严格的范围检查与验证,确保数值在目标类型的安全范围内,以消除潜在风险。

MITRE CWE 官方描述
CWE:CWE-197 Numeric Truncation Error(数值截断错误) 英文:当基本数据类型(primitive)被强制转换为较小尺寸的基本数据类型时,会发生截断错误(Truncation errors),导致在转换过程中数据丢失。 当基本数据类型被转换为较小的基本数据类型时,较大值的高位(high order bits)在转换过程中丢失,这可能导致产生一个不等于原始值的意外值。该值可能被用作缓冲区的索引、循环迭代器,或仅仅是必要的状态数据。在任何情况下,该值都不可信,系统将处于未定义状态。虽然此方法可能被用于有效地隔离值的低位(low bits),但这种用法较为罕见,而截断通常意味着发生了实现错误。
常见影响 (1)
IntegrityModify Memory
The true value of the data is lost and corrupted data is used.
缓解措施 (1)
ImplementationEnsure that no casts, implicit or explicit, take place that move from a larger size primitive or a smaller size primitive.
代码示例 (2)
This example, while not exploitable, shows the possible mangling of values associated with truncation errors:
int intPrimitive; short shortPrimitive; intPrimitive = (int)(~((int)0) ^ (1 << (sizeof(int)*8-1))); shortPrimitive = intPrimitive; printf("Int MAXINT: %d\nShort MAXINT: %d\n", intPrimitive, shortPrimitive);
Bad · C
Int MAXINT: 2147483647 Short MAXINT: -1
Result
In the following Java example, the method updateSalesForProduct is part of a business application class that updates the sales information for a particular product. The method receives as arguments the product ID and the integer amount sold. The product ID is used to retrieve the total product count from an inventory object which returns the count as an integer. Before calling the method of the sa…
... // update sales database for number of product sold with product ID public void updateSalesForProduct(String productID, int amountSold) { // get the total number of products in inventory database int productCount = inventory.getProductCount(productID); // convert integer values to short, the method for the // sales object requires the parameters to be of type short short count = (short) productCount; short sold = (short) amountSold; // update sales database for product sales.updateSalesCount(productID, count, sold); } ...
Bad · Java
... // update sales database for number of product sold with product ID public void updateSalesForProduct(String productID, int amountSold) { // get the total number of products in inventory database int productCount = inventory.getProductCount(productID); // make sure that integer numbers are not greater than // maximum value for type short before converting if ((productCount < Short.MAX_VALUE) && (amountSold < Short.MAX_VALUE)) { // convert integer values to short, the method for the // sales object requires the parameters to be of type short short count = (short) productCount; short sold =
Good · Java
CVE ID标题CVSS风险等级Published
CVE-2026-44927 uriparser<1.0.2指针差值截断漏洞 — uriparser 2.9 Low2026-05-08
CVE-2026-42371 Uriparser 安全漏洞 — uriparser 5.1 Medium2026-04-27
CVE-2026-32240 capnproto 环境问题漏洞 — capnproto 8.2AIHighAI2026-03-12
CVE-2025-53723 Microsoft Hyper-V 安全漏洞 — Windows 10 Version 1507 7.8 High2025-08-12
CVE-2025-6965 SQLite 安全漏洞 — SQLite 7.5 -2025-07-15
CVE-2025-49679 Microsoft Windows Shell 安全漏洞 — Windows 10 Version 1507 7.8 High2025-07-08
CVE-2024-49018 Microsoft SQL Server 安全漏洞 — Microsoft SQL Server 2017 (GDR) 8.8 High2024-11-12
CVE-2024-43639 Microsoft Windows Kerberos 安全漏洞 — Windows Server 2025 9.8 Critical2024-11-12
CVE-2024-43519 Microsoft OLE DB Provider for SQL Server 安全漏洞 — Windows 10 Version 1809 8.8 High2024-10-08
CVE-2024-37337 Microsoft SQL Server 安全漏洞 — Microsoft SQL Server 2017 (GDR) 7.1 High2024-09-10
CVE-2024-38125 Microsoft Windows 安全漏洞 — Windows 10 Version 1809 7.8 High2024-08-13
CVE-2024-38044 Microsoft Windows 安全漏洞 — Windows Server 2019 7.2 High2024-07-09
CVE-2024-38086 Microsoft Azure 安全漏洞 — Azure Kinect SDK 6.4 Medium2024-07-09
CVE-2024-30029 Microsoft Windows Routing and Remote Access Service 安全漏洞 — Windows 10 Version 1809 7.5 High2024-05-14
CVE-2024-30024 Microsoft Windows Routing and Remote Access Service 安全漏洞 — Windows 10 Version 1809 7.5 High2024-05-14
CVE-2024-30023 Microsoft Windows Routing and Remote Access Service 安全漏洞 — Windows 10 Version 1809 7.5 High2024-05-14
CVE-2024-30022 Microsoft Windows Routing and Remote Access Service 安全漏洞 — Windows 10 Version 1809 7.5 High2024-05-14
CVE-2024-30014 Microsoft Windows Routing and Remote Access Service 安全漏洞 — Windows 10 Version 1809 7.5 High2024-05-14
CVE-2024-30015 Microsoft Windows Routing and Remote Access Service 安全漏洞 — Windows 10 Version 1809 7.5 High2024-05-14
CVE-2024-30009 Microsoft Windows Routing and Remote Access Service 安全漏洞 — Windows 10 Version 1809 8.8 High2024-05-14
CVE-2023-32143 D-Link DAP-1360 安全漏洞 — DAP-1360 8.8 -2024-05-03
CVE-2024-28944 Microsoft OLE DB Provider for SQL Server 安全漏洞 — Microsoft SQL Server 2019 (GDR) 8.8 High2024-04-09
CVE-2024-29050 Microsoft Windows Cryptographic Services 安全漏洞 — Windows 10 Version 1809 8.4 High2024-04-09
CVE-2024-21440 Microsoft ODBC Driver 安全漏洞 — Windows 10 Version 1809 8.8 High2024-03-12
CVE-2024-21434 Microsoft Windows SCSI Class System File 安全漏洞 — Windows 10 Version 1809 7.8 High2024-03-12
CVE-2024-21451 Microsoft ODBC Driver 安全漏洞 — Windows 10 Version 1809 8.8 High2024-03-12
CVE-2024-21429 Microsoft Windows USB Hub Driver 安全漏洞 — Windows 10 Version 1809 6.8 Medium2024-03-12
CVE-2024-21391 Microsoft WDAC OLE DB provider for SQL 安全漏洞 — Windows 10 Version 1809 8.8 High2024-02-13
CVE-2024-21377 Microsoft Windows DNS 安全漏洞 — Windows 10 Version 1809 5.5 Medium2024-02-13
CVE-2024-21352 Microsoft OLE DB provider for SQL 安全漏洞 — Windows 10 Version 1809 8.8 High2024-02-13

CWE-197(数值截断错误) 是常见的弱点类别,本平台收录该类弱点关联的 39 条 CVE 漏洞。