Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-1074:Class with Excessively Deep Inheritance
Weakness ID:1074
Version:v4.17
Weakness Name:Class with Excessively Deep Inheritance
Vulnerability Mapping:Prohibited
Abstraction:Base
Structure:Simple
Status:Incomplete
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
▼Description

A class has an inheritance level that is too high, i.e., it has a large number of parent classes.

▼Extended Description

This issue makes it more difficult to understand and maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.

While the interpretation of "large number of parent classes" may vary for each product or developer, CISQ recommends a default maximum of 7 parent classes.

▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
NatureMappingTypeIDName
ChildOfAllowed-with-ReviewC1093Excessively Complex Data Representation
Nature: ChildOf
Mapping: Allowed-with-Review
Type: Class
ID: 1093
Name: Excessively Complex Data Representation
▼Memberships
NatureMappingTypeIDName
MemberOfProhibitedC1130CISQ Quality Measures (2016) - Maintainability
MemberOfProhibitedC1226Complexity Issues
MemberOfProhibitedC1307CISQ Quality Measures - Maintainability
MemberOfProhibitedC1412Comprehensive Categorization: Poor Coding Practices
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1130
Name: CISQ Quality Measures (2016) - Maintainability
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1226
Name: Complexity Issues
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1307
Name: CISQ Quality Measures - Maintainability
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1412
Name: Comprehensive Categorization: Poor Coding Practices
▼Tags
NatureMappingTypeIDName
MemberOfProhibitedBSBOSS-310Reduce Maintainability (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-310
Name: Reduce Maintainability (impact)
▼Relevant To View
Relevant to the view"CISQ Quality Measures (2020) - (1305)"
NatureMappingTypeIDName
MemberOfProhibitedC1307CISQ Quality Measures - Maintainability
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1307
Name: CISQ Quality Measures - Maintainability
Relevant to the view"Software Development - (699)"
NatureMappingTypeIDName
MemberOfProhibitedC1226Complexity Issues
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1226
Name: Complexity Issues
▼Background Detail

▼Common Consequences
ScopeLikelihoodImpactNote
OtherN/AReduce Maintainability
N/A
Scope: Other
Likelihood: N/A
Impact: Reduce Maintainability
Note:
N/A
▼Potential Mitigations
▼Modes Of Introduction
▼Applicable Platforms
▼Demonstrative Examples
▼Observed Examples
ReferenceDescription
▼Affected Resources
    ▼Functional Areas
      ▼Weakness Ordinalities
      OrdinalityDescription
      Indirect
      N/A
      Ordinality: Indirect
      Description:
      N/A
      ▼Detection Methods
      ▼Vulnerability Mapping Notes
      Usage:Prohibited
      Reason:Other
      Rationale:

      This entry is primarily a quality issue with no direct security implications.

      Comments:

      Look for weaknesses that are focused specifically on insecure behaviors that have more direct security implications.

      Suggestions:
      ▼Notes
      ▼Taxonomy Mappings
      Taxonomy NameEntry IDFitEntry Name
      OMG ASCMMASCMM-MNT-17N/AN/A
      Taxonomy Name: OMG ASCMM
      Entry ID: ASCMM-MNT-17
      Fit: N/A
      Entry Name: N/A
      ▼Related Attack Patterns
      IDName
      ▼References
      Reference ID: REF-960
      Title: Automated Source Code Maintainability Measure (ASCMM)
      Author: Object Management Group (OMG)
      Section: ASCMM-MNT-17
      Publication:
      Publisher:
      Edition:
      URL:https://www.omg.org/spec/ASCMM/
      URL Date:2023-04-07
      Day:N/A
      Month:01
      Year:2016
      Details not found