CWE-583 - finalize() Method Declared Public

Description: The product violates secure coding principles for mobile code by declaring a finalize() method public.
A product should never call finalize explicitly, except to call super.finalize() inside an implementation of finalize(). In mobile code situations, the otherwise error prone practice of manual garbage collection can become a security threat if an attacker can maliciously invoke a finalize() method because it is declared with public access.

Common Consequences: Scope: Confidentiality, Integrity, Availability
Impact: Alter Execution Logic, Execute Unauthorized Code or Commands, Modify Application Data

Free security scan for your website

Don't show website scan report rating on the leaderboard

The product violates secure coding principles for mobile code by declaring a finalize() method public.