CWE-491 - Public cloneable() Method Without Final ('Object Hijack')
- Abstraction: Variant
- Structure: Simple
- Status: Draft
- Release Date: 2006-07-19
- Latest Modification Date: 2023-06-29
Weakness Name
Public cloneable() Method Without Final ('Object Hijack')
Description
A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state.
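The Java sketch below is an added example, not part of the CWE entry. In Java the method concerned is `clone()`; the class names `Session` and `SafeSession` and the `constructed` counter are hypothetical. It shows a second object coming into existence without the constructor running, beside a variant whose `clone()` is declared final and always refuses.

```java
// Added illustration; all class and field names are hypothetical.
public class CloneDemo {
    // Weak form: clone() is public and not final.
    static class Session implements Cloneable {
        static int constructed = 0;          // bookkeeping done only in the constructor
        private final String user;

        Session(String user) {
            if (user == null || user.isEmpty())
                throw new IllegalArgumentException("user required");
            this.user = user;
            constructed++;
        }

        @Override
        public Object clone() throws CloneNotSupportedException {
            return super.clone();            // field-by-field copy; no constructor is called
        }
    }

    // Hardened form: clone() is final, so no subclass can override it,
    // and it never produces a copy.
    static class SafeSession {
        private final String user;

        SafeSession(String user) {
            if (user == null || user.isEmpty())
                throw new IllegalArgumentException("user required");
            this.user = user;
        }

        @Override
        protected final Object clone() throws CloneNotSupportedException {
            throw new CloneNotSupportedException();
        }
    }

    public static void main(String[] args) throws Exception {
        Session a = new Session("alice");
        Session b = (Session) a.clone();
        // Two live objects exist, yet the constructor-side counter saw only one.
        System.out.println("distinct=" + (a != b) + " constructed=" + Session.constructed);
        try {
            new SafeSession("alice").clone();
        } catch (CloneNotSupportedException e) {
            System.out.println("SafeSession refused to clone");
        }
    }
}
```

A subclass of `SafeSession` that tries to declare its own `clone()` fails to compile, because the method is final.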
Common Consequences
Scope: Integrity, Other
Impact: Unexpected State, Varies by Context