Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-1063:Creation of Class Instance within a Static Code Block
Weakness ID:1063
Version:v4.17
Weakness Name:Creation of Class Instance within a Static Code Block
Vulnerability Mapping:Prohibited
Abstraction:Base
Structure:Simple
Status:Incomplete
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
▼Description

A static code block creates an instance of a class.

▼Extended Description

This pattern identifies situations where a storable data element or member data element is initialized with a value in a block of code which is declared as static.

This issue can make the product perform more slowly by performing initialization before it is needed. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.

▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
NatureMappingTypeIDName
ChildOfAllowed-with-ReviewC1176Inefficient CPU Computation
Nature: ChildOf
Mapping: Allowed-with-Review
Type: Class
ID: 1176
Name: Inefficient CPU Computation
▼Memberships
NatureMappingTypeIDName
MemberOfProhibitedC1006Bad Coding Practices
MemberOfProhibitedC1132CISQ Quality Measures (2016) - Performance Efficiency
MemberOfProhibitedC1416Comprehensive Categorization: Resource Lifecycle Management
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1006
Name: Bad Coding Practices
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1132
Name: CISQ Quality Measures (2016) - Performance Efficiency
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1416
Name: Comprehensive Categorization: Resource Lifecycle Management
▼Tags
NatureMappingTypeIDName
MemberOfProhibitedBSBOSS-313Reduce Performance (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-313
Name: Reduce Performance (impact)
▼Relevant To View
Relevant to the view"Software Development - (699)"
NatureMappingTypeIDName
MemberOfProhibitedC1006Bad Coding Practices
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1006
Name: Bad Coding Practices
▼Background Detail

▼Common Consequences
ScopeLikelihoodImpactNote
OtherN/AReduce Performance
N/A
Scope: Other
Likelihood: N/A
Impact: Reduce Performance
Note:
N/A
▼Potential Mitigations
▼Modes Of Introduction
▼Applicable Platforms
▼Demonstrative Examples
▼Observed Examples
ReferenceDescription
▼Affected Resources
    ▼Functional Areas
      ▼Weakness Ordinalities
      OrdinalityDescription
      Indirect
      N/A
      Ordinality: Indirect
      Description:
      N/A
      ▼Detection Methods
      ▼Vulnerability Mapping Notes
      Usage:Prohibited
      Reason:Other
      Rationale:

      This entry is primarily a quality issue with no direct security implications.

      Comments:

      Look for weaknesses that are focused specifically on insecure behaviors that have more direct security implications.

      Suggestions:
      ▼Notes
      ▼Taxonomy Mappings
      Taxonomy NameEntry IDFitEntry Name
      OMG ASCPEMASCPEM-PRF-1N/AN/A
      Taxonomy Name: OMG ASCPEM
      Entry ID: ASCPEM-PRF-1
      Fit: N/A
      Entry Name: N/A
      ▼Related Attack Patterns
      IDName
      ▼References
      Reference ID: REF-959
      Title: Automated Source Code Performance Efficiency Measure (ASCPEM)
      Author: Object Management Group (OMG)
      Section: ASCPEM-PRF-1
      Publication:
      Publisher:
      Edition:
      URL:https://www.omg.org/spec/ASCPEM/
      URL Date:2023-04-07
      Day:N/A
      Month:01
      Year:2016
      Details not found