CWE-1096 - Singleton Class Instance Creation without Proper Locking or Synchronization
CWE-1096
- Abstraction:
- Variant
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Singleton Class Instance Creation without Proper Locking or Synchronization
- Description
The product implements a Singleton design pattern but does not use appropriate locking or other synchronization mechanism to ensure that the singleton class is only instantiated once.
This issue can prevent the product from running reliably, e.g. by making the instantiation process non-thread-safe and introducing deadlock (CWE-833) or livelock conditions. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.
- Common Consequences
Scope: Other
Impact: Reduce Reliability
- Related Weaknesses
- Release Date:
- 2019-01-03
- Latest Modification Date:
- 2023-06-29
Free security scan for your website