CWE-1056 - Invokable Control Element with Variadic Parameters
- Abstraction:Base
- Structure:Simple
- Status:Incomplete
- Release Date:2019-01-03
- Latest Modification Date:2025-12-11
Weakness Name
Invokable Control Element with Variadic Parameters
Description
A named-callable or method control element has a signature that supports a variable (variadic) number of parameters or arguments.
Common Consequences
Scope: Other
Impact: Reduce Reliability
Notes: This issue can prevent the product from running reliably. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability. With variadic arguments, it can be difficult or inefficient for manual analysis to be certain of which function/method is being invoked.