Category: Encapsulation Issues
Draft
Summary
Weaknesses in this category are related to issues surrounding the bundling of data with the methods intended to operate on that data.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-1054 | Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer | The code at one architectural layer invokes code that resides at a deeper layer than the adjacent layer, i.e., the invocation skips at least one layer, and the invoked code is not part of a vertical utility layer that can be referenced from any horizontal layer. |
| CWE-1057 | Data Access Operations Outside of Expected Data Manager Component | The product uses a dedicated, central data manager component as required by design, but it contains code that performs data-access operations that do not use this data manager. |
| CWE-1062 | Parent Class with References to Child Class | The code has a parent class that contains references to a child class, its methods, or its members. |
| CWE-1083 | Data Access from Outside Expected Data Manager Component | The product is intended to manage data access through a particular data manager component such as a relational or non-SQL database, but it contains code that performs data access operations without using that component. |
| CWE-1090 | Method Containing Access of a Member Element from Another Class | A method for a class performs an operation that directly accesses a member element from another class. |
| CWE-1100 | Insufficient Isolation of System-Dependent Functions | The product or code does not isolate system-dependent functionality into separate standalone modules. |
| CWE-1105 | Insufficient Encapsulation of Machine-Dependent Functionality | The product or code uses machine-dependent functionality, but it does not sufficiently encapsulate or isolate this functionality from the rest of the code. |
| CWE-699 | Software Development | This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development lifecycle including both architecture and implementation. Accordingly, this view can align closely with the perspectives of architects, developers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.