logo

CWE-1096 - Singleton Class Instance Creation without Proper Locking or Synchronization

CWE-1096

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Singleton Class Instance Creation without Proper Locking or Synchronization

Description

The product implements a Singleton design pattern but does not use appropriate locking or other synchronization mechanism to ensure that the singleton class is only instantiated once.

This issue can prevent the product from running reliably, e.g. by making the instantiation process non-thread-safe and introducing deadlock (CWE-833) or livelock conditions. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.

Common Consequences

Scope: Other

Impact: Reduce Reliability

Related Weaknesses
  • Release Date:
  • 2019-01-03
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website