CWE-491

Public cloneable() Method Without Final ('Object Hijack')

AI Translation Available

A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state.

Status

draft

Abstraction

variant

Affected Platforms

Java

Technical Details

AI Translation

Common Consequences

integrity other

Impacts

unexpected state varies by context

Detection Methods

automated static analysis

Potential Mitigations

Phases:

implementation

Descriptions:

• Make the cloneable() method final.

AI Generated Translation

Common Consequences

integrità altro

Impacts

stato inaspettato varia dal contesto

Detection Methods

analisi statica automatizzata

Potential Mitigations

Phases:

implementazione

Descriptions:

• Rendi il metodo cloneable() finale.

CWE-491

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Iscriviti alla newsletter