Category: SEI CERT Oracle Secure Coding Standard for Java - Guidelines 06. Methods (MET)
Stable
Summary
Weaknesses in this category are related to the rules and recommendations in the Methods (MET) section of the SEI CERT Oracle Secure Coding Standard for Java.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-568 | finalize() Method Without super.finalize() | The product contains a finalize() method that does not call super.finalize(). |
| CWE-573 | Improper Following of Specification by Caller | The product does not follow or incorrectly follows the specifications as required by the implementation language, environment, framework, protocol, or platform. |
| CWE-581 | Object Model Violation: Just One of Equals and Hashcode Defined | The product does not maintain equal hashcodes for equal objects. |
| CWE-583 | finalize() Method Declared Public | The product violates secure coding principles for mobile code by declaring a finalize() method public. |
| CWE-586 | Explicit Call to Finalize() | The product makes an explicit call to the finalize() method from outside the finalizer. |
| CWE-589 | Call to Non-ubiquitous API | The product uses an API function that does not exist on all versions of the target platform. This could cause portability problems or inconsistencies that allow denial of service or other consequences. |
| CWE-617 | Reachable Assertion | The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. |
| CWE-697 | Incorrect Comparison | The product compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses. |
| CWE-1133 | Weaknesses Addressed by the SEI CERT Oracle Coding Standard for Java | CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommendations of the SEI CERT Oracle Coding Standard for Java. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.