Category: Complexity Issues
Draft
Summary
Weaknesses in this category are associated with things being overly complex.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-1043 | Data Element Aggregating an Excessively Large Number of Non-Primitive Elements | The product uses a data element that has an excessively large number of sub-elements with non-primitive data types such as structures or aggregated objects. |
| CWE-1047 | Modules with Circular Dependencies | The product contains modules in which one module has references that cycle back to itself, i.e., there are circular dependencies. |
| CWE-1055 | Multiple Inheritance from Concrete Classes | The product contains a class with inheritance from more than one concrete class. |
| CWE-1056 | Invokable Control Element with Variadic Parameters | A named-callable or method control element has a signature that supports a variable (variadic) number of parameters or arguments. |
| CWE-1060 | Excessive Number of Inefficient Server-Side Data Accesses | The product performs too many data queries without using efficient data processing functionality such as stored procedures. |
| CWE-1064 | Invokable Control Element with Signature Containing an Excessive Number of Parameters | The product contains a function, subroutine, or method whose signature has an unnecessarily large number of parameters/arguments. |
| CWE-1074 | Class with Excessively Deep Inheritance | A class has an inheritance level that is too high, i.e., it has a large number of parent classes. |
| CWE-1075 | Unconditional Control Flow Transfer outside of Switch Block | The product performs unconditional control transfer (such as a "goto") in code outside of a branching structure such as a switch block. |
| CWE-1080 | Source Code File with Excessive Number of Lines of Code | A source code file has too many lines of code. |
| CWE-1086 | Class with Excessive Number of Child Classes | A class contains an unnecessarily large number of children. |
| CWE-1095 | Loop Condition Value Update within the Loop | The product uses a loop with a control flow condition based on a value that is updated within the body of the loop. |
| CWE-1119 | Excessive Use of Unconditional Branching | The code uses too many unconditional branches (such as "goto"). |
| CWE-1121 | Excessive McCabe Cyclomatic Complexity | The code contains McCabe cyclomatic complexity that exceeds a desirable maximum. |
| CWE-1122 | Excessive Halstead Complexity | The code is structured in a way that a Halstead complexity measure exceeds a desirable maximum. |
| CWE-1123 | Excessive Use of Self-Modifying Code | The product uses too much self-modifying code. |
| CWE-1124 | Excessively Deep Nesting | The code contains a callable or other code grouping in which the nesting / branching is too deep. |
| CWE-1125 | Excessive Attack Surface | The product has an attack surface whose quantitative measurement exceeds a desirable maximum. |
| CWE-1333 | Inefficient Regular Expression Complexity | The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles. |
| CWE-699 | Software Development | This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development lifecycle including both architecture and implementation. Accordingly, this view can align closely with the perspectives of architects, developers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.