CWE-607
Public Static Final Field References Mutable Object
Variant
Draft
Description
A public or protected static final field references a mutable object, which allows the object to be changed by malicious code, or accidentally from another package.
Parent Weaknesses (ChildOf)
Common Consequences
Scope: Integrity
Impact: Modify Application Data
Potential Mitigations
Implementation
Protect mutable objects by making them private. Restrict access to the getter and setter as well.
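The weakness and the mitigation side by side, as an added example that is not part of the CWE entry. The class and field names are hypothetical, and returning a defensive copy or an unmodifiable list from the getter is one assumed way to restrict access to it.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Added example; class and field names are hypothetical.
public class Cwe607Demo {

    // Weak: `final` freezes the reference only. The array and the list it
    // points to remain writable by any code that can see the field.
    static class WeakConfig {
        public static final String[] ALLOWED_ROLES = {"viewer", "editor"};
        public static final List<String> TRUSTED_HOSTS =
                new ArrayList<>(Arrays.asList("internal.example"));
    }

    // Hardened: mutable state is private; callers get a copy or an
    // unmodifiable list, so no outside write reaches the shared object.
    static class HardenedConfig {
        private static final String[] ALLOWED_ROLES = {"viewer", "editor"};
        private static final List<String> TRUSTED_HOSTS =
                List.of("internal.example");   // Java 9+, rejects mutation

        static String[] allowedRoles() { return ALLOWED_ROLES.clone(); }
        static List<String> trustedHosts() { return TRUSTED_HOSTS; }
    }

    public static void main(String[] args) {
        // Any other class can rewrite the "constants" in place.
        WeakConfig.ALLOWED_ROLES[0] = "admin";
        WeakConfig.TRUSTED_HOSTS.add("untrusted.example");
        System.out.println("weak roles: " + Arrays.toString(WeakConfig.ALLOWED_ROLES));
        System.out.println("weak hosts: " + WeakConfig.TRUSTED_HOSTS);

        // The same writes against the hardened class change nothing shared.
        HardenedConfig.allowedRoles()[0] = "admin";   // modifies a throwaway copy
        try {
            HardenedConfig.trustedHosts().add("untrusted.example");
        } catch (UnsupportedOperationException e) {
            System.out.println("hardened hosts rejected the write");
        }
        System.out.println("hardened roles: " + Arrays.toString(HardenedConfig.allowedRoles()));
        System.out.println("hardened hosts: " + HardenedConfig.trustedHosts());
    }
}
```

In code review, a `public static final` or `protected static final` field whose type is an array, a collection, `Date`, or any other class with mutators is the pattern to flag.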
Applicable Platforms
Java