A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are associated with things being overly complex.
A class contains an unnecessarily large number of children.
A class has an inheritance level that is too high, i.e., it has a large number of parent classes.
The software uses a data element that has an excessively large number of sub-elements with non-primitive data types such as structures or aggregated objects.
The product has an attack surface whose quantitative measurement exceeds a desirable maximum.
The code is structured in a way that a Halstead complexity measure exceeds a desirable maximum.
The code contains McCabe cyclomatic complexity that exceeds a desirable maximum.
The software performs too many data queries without using efficient data processing functionality such as stored procedures.
The product uses too much self-modifying code.
The code uses too many unconditional branches (such as "goto").
The code contains a callable or other code grouping in which the nesting / branching is too deep.
The software contains a function, subroutine, or method whose signature has an unnecessarily large number of parameters/arguments.
A named-callable or method control element has a signature that supports a variable (variadic) number of parameters or arguments.
The software uses a loop with a control flow condition based on a value that is updated within the body of the loop.
The software contains modules in which one module has references that cycle back to itself, i.e., there are circular dependencies.
The software contains a class with inheritance from more than one concrete class.
A source code file has too many lines of code.
The software performs unconditional control transfer (such as a "goto") in code outside of a branching structure such as a switch block.
This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development l...