CWE-1070 - Serializable Data Element Containing non-Serializable Item Elements
- Abstraction:Base
- Structure:Simple
- Status:Incomplete
- Release Date:2019-01-03
- Latest Modification Date:2025-12-11
Weakness Name
Serializable Data Element Containing non-Serializable Item Elements
Description
The product contains a serializable, storable data element such as a field or member, but the data element contains member elements that are not serializable.
Common Consequences
Scope: Other
Impact: Reduce Reliability
Notes: This issue can prevent the product from running reliably. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.