CWE-1120 |
The code is too complex, as calculated using a well-defined,
quantitative measure. |
CWE-1121 |
The code contains McCabe cyclomatic complexity that exceeds a
desirable maximum. |
CWE-1122 |
The code is structured in a way that a Halstead complexity
measure exceeds a desirable maximum. |
CWE-1123 |
The product uses too much self-modifying
code. |
CWE-1124 |
The code contains a callable or other code grouping in which
the nesting / branching is too deep. |
CWE-1125 |
The product has an attack surface whose quantitative
measurement exceeds a desirable maximum. |
CWE-1126 |
The source code declares a variable in one scope, but the
variable is only used within a narrower scope. |
CWE-1127 |
The code is compiled without sufficient warnings enabled, which
may prevent the detection of subtle bugs or quality
issues. |
CWE-113 |
The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers. |
CWE-114 |
Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker. |