CWE-1109: Use of Same Variable for Multiple Purposes
The code contains a callable, block, or other code element in which the same variable is used to control more than one unique task or store more than one instance of data.
Last updated
Overview
CWE-1109 (Use of Same Variable for Multiple Purposes) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Common consequences
What can happen when CWE-1109 is exploited.
Reduce Maintainability
Affects: Other
This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.
Increase Analytical Complexity
Affects: Other
Use of the same variable for multiple purposes can make it more difficult for a person to read or understand the code, potentially hiding other quality issues.
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
Illustrative examples
Real CVEs that MITRE cites as examples of this weakness.