SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 86

changes.mady.by.user Michal Rozenau

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

SEC02-J

High

Probable

Medium

P12

L1

Automated Detection

Tool
Version
Checker
Description
Coverity7.5UNSAFE_REFLECTIONImplemented
Parasoft Jtest
Include Page
Parasoft_V
Parasoft_V
CERT.SEC02.TDRFLProtect against Reflection injection

Related Guidelines

ISO/IEC TR 24772:2010

Authentication Logic Error [XZO]

MITRE CWE

CWE-302, Authentication Bypass by Assumed-Immutable Data
CWE-470, Use of Externally-Controlled Input to Select Classes or Code ("Unsafe Reflection")

...