QwikSec

Security Database

CVE

CWE

Training

CWE Database
/

CWE-1235

Back to CWE list

CWE-1235

Incorrect Use of Autoboxing and Unboxing for Performance Critical Operations

Base
Incomplete

Description

The code uses boxed primitives, which may introduce inefficiencies into performance-critical operations.

Common Consequences

Scope

Availability

Impact

DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Resource Consumption (Other), Reduce Performance

Potential Mitigations

Implementation

Use of boxed primitives should be limited to certain situations such as when calling methods with typed parameters. They should not be used for scientific computing or other performance critical operations. They are only suited to support "impedance mismatch" between reference types and primitives. Examine the use of boxed primitives prior to use. Use SparseArrays or ArrayMap instead of HashMap to avoid performance overhead.

Applicable Platforms

Java
C#

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now