CWE-491 - Public cloneable() Method Without Final ('Object Hijack')
CWE-491
- Abstraction:
- Variant
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Public cloneable() Method Without Final ('Object Hijack')
- Description
A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state.
- Common Consequences
Scope: Integrity, Other
Impact: Unexpected State, Varies by Context
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website