CWE-462: Duplicate Key in Associative List (Alist)
Duplicate keys in associative lists can lead to non-unique keys being mistaken for an error.
Last updated
Overview
A duplicate key entry -- if the alist is designed properly -- could be used as a constant time replace function. However, duplicate key entries could be inserted by mistake. Because of this ambiguity, duplicate key entries in an association list are not recommended and should not be allowed.
Real-world CVEs
1 recorded CVEs are caused by CWE-462 (Duplicate Key in Associative List (Alist)). The highest-severity and most recent are shown first. 0 new CWE-462 CVEs have been recorded so far in 2026 (1 in 2025).
Common consequences
What can happen when CWE-462 is exploited.
Quality Degradation, Varies by Context
Affects: Other
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.