VariantIncomplete

CWE-496Public Data Assigned to Private Array-Typed Field

Category: other

Description

Assigning public data to a private array is equivalent to giving public access to the array.

Common consequences· 1

  • Integrity — Modify Application Data
    The contents of the array can be modified from outside the intended scope.

Potential mitigations· 1

  • [Implementation]Do not allow objects to modify private members of a class.

References

  1. https://cwe.mitre.org/data/definitions/496.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Array Declared Public, Final, and Static
CWE
Private Data Structure Returned From A Public Method
CWE
Critical Data Element Declared Public
CWE
Public Static Field Not Marked Final
CWE
Serializable Class Containing Sensitive Data
CWE
Cloneable Class Containing Sensitive Information
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.