CWE-1047

Modules with Circular Dependencies

BaseIncompleteSimple1 CVE

The product contains modules in which one module has references that cycle back to itself, i.e., there are circular dependencies.

As an example, with Java, this weakness might indicate cycles between packages.

OtherReduce Maintainability
This issue makes it more difficult to maintain the product due to insufficient modularity, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It can also prevent the product from running reliably. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.

CVEs referencing this CWE1

CVE	Description	Severity	EPSS	Flags	Modified
CVE-2023-5236	A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial of service.	MEDIUM6.5	0.89%p55		2025-11-21