Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

Rules

Content by Label

showLabels	false
max	99
spaces	com.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@3bbaf8c
showSpace	false
sort	title
cql	label = "msc" and label = "rule" and label != "void" and space = currentSpace()
labels	+msc,-void, +rule

Risk Assessment Summary

Rule	Severity	Likelihood	Detectable	Repairable

Guidelines

MSC00-J. Do not mix generic with non-generic raw types in new code

MSC01-J. Do not use insecure or weak cryptographic algorithms

MSC02-J. Generate strong random numbers

MSC03-J. Never hardcode sensitive information

MSC04-J. Do not use Object.equals() to compare cryptographic keys

MSC05-J. Make sensitive classes noncloneable

MSC06-J. Avoid memory leaks

MSC07-J. Eliminate class initialization cycles

MSC08-J. Avoid cyclic dependencies between packages

MSC09-J. Carefully design interfaces before releasing them

MSC10-J. Limit the lifetime of sensitive data

MSC11-J. Do not assume infinite heap space

MSC12-J. Prefer using Iterators over Enumerations

MSC13-J. Do not modify the underlying collection when an iteration is in progress

MSC14-J. Finish every set of statements associated with a case label with a break statement

MSC15-J. Use numerical comparison operators to terminate a loop whose counter changes by more than one

MSC16-J. Address the shortcomings of the Singleton design pattern

MSC17-J. Detect and remove dead code

Risk Assessment Summary

Guideline	Severity	Likelihood	Remediation Cost	Priority	Level
MSC00-J	Medium	low Likely	probable No	medium No	P4 P6	L3 L2
MSC01-J	Low	Unlikely medium	probable Yes	medium Yes	P8 P3	L2 L3
MSC02-J	High	high Probable	probable No	medium No	P12 P6	L1 L2
MSC03-J	high High	probable Probable	medium No	P12	L1	MSC04- J	high	unlikely	low	No	P6 P9	L2 MSC05
MSC04-J	medium Low	probable Unlikely	medium	P8	L2	No	No	MSC06- J	low	unlikely	high	P1	L3 MSC07
MSC05-J	Low	low Probable	unlikely No	medium No	P2	L3 MSC08
MSC06-J	low Low	probable Probable	medium No	P4	L3	No	MSC09- J	low	probable	high	P2	L3 MSC10
MSC07-J	medium Low	likely Unlikely	medium	P12	L1
MSC11- J	low	probable	medium	P4	L3
MSC12- J	low	unlikely	medium	P2	L3
MSC13- J	low	probable	medium	P4	L3
MSC14- J	medium	unlikely	low	P6	L2
MSC15- J	low	unlikely	low	P3	L3
Yes	No	P2	L3

...

Image Added Image Added Image Added SER13-J. Prevent overwriting of Externalizable Objects The CERT Oracle Secure Coding Standard for Java MSC00-J. Do not mix generic with non-generic raw types in new code