CWE-1064: Invokable Control Element with Signature Containing an Excessive Number of Parameters

The product contains a function, subroutine, or method whose signature has an unnecessarily large number of parameters/arguments.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

While the interpretation of "large number of parameters" may vary for each product or developer, CISQ recommends a default maximum of 7 parameters/arguments.

CWE-1064: Invokable Control Element with Signature Containing an Excessive Number of Parameters

Overview

Common consequences

How it happens

When it is introduced

How to detect it

Automated Static Analysis

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-1064?

How is CWE-1064 detected?

What are the consequences of CWE-1064?

References

Stay ahead of CWE-1064

Overview

Common consequences

How it happens

When it is introduced

How to detect it

Automated Static Analysis

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-1064?

How is CWE-1064 detected?

What are the consequences of CWE-1064?

References

Stay ahead of CWE-1064