CWE-1120βExcessive Code Complexity
PUBLISHEDweakness record
released 2019-01-03 Β· last modified 2025-12-11
Metadata
- CWE ID:
- CWE-1120
- Abstraction:
- Class
- Structure:
- Simple
- Status:
- Incomplete
- Release Date:
- 2019-01-03
- Latest Modification Date:
- 2025-12-11
Weakness Name
Excessive Code Complexity
Description
The code is too complex, as calculated using a well-defined, quantitative measure.
Common Consequences
- Scope:
- Other
- Impact:
- Reduce Maintainability, Increase Analytical Complexity
- Notes:
- This issue makes it more difficult to understand and/or maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.
- Scope:
- Other
- Impact:
- Reduce Performance
- Notes:
- This issue can make the product perform more slowly. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.