CWE-1049β€”Excessive Data Query Operations in a Large Data Table

PUBLISHEDweakness record
released 2019-01-03 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-1049
Abstraction:
Base
Structure:
Simple
Status:
Incomplete
Release Date:
2019-01-03
Latest Modification Date:
2025-12-11

Weakness Name

Excessive Data Query Operations in a Large Data Table

Description

The product performs a data query with a large number of joins and sub-queries on a large data table.

While the interpretation of "large data table" and "large number of joins or sub-queries" may vary for each product or developer, CISQ recommends a default of 1 million rows for a "large" data table, a default minimum of 5 joins, and a default minimum of 3 sub-queries.

Common Consequences

Scope:
Other
Impact:
Reduce Performance
Notes:
This issue can make the product perform more slowly. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.

Related Weaknesses