Page: LCK11-J. Avoid client-side locking when using classes that do not commit to their locking strategy
|
Carol J. Lallier |
Jun 20, 2015
|
Page: Leaking Capabilities
|
Carol J. Lallier |
Nov 29, 2011
|
Page: Leaking Sensitive Data
|
Robert Seacord (Manager) |
Apr 27, 2015
|
Page: Libraries
|
Shannon Haas |
Aug 03, 2011
|
Page: MET00-J. Validate method arguments
|
Sandy Shrum |
Feb 02, 2016
|
Page: MET01-J. Never use assertions to validate method arguments
|
David Svoboda |
Mar 10, 2022
|
Page: MET02-J. Do not use deprecated or obsolete classes or methods
|
Michal Rozenau |
May 18, 2021
|
Page: MET03-J. Methods that perform a security check must be declared private or final
|
Sandy Shrum |
Feb 02, 2016
|
Page: MET04-J. Do not increase the accessibility of overridden or hidden methods
|
Michal Rozenau |
May 18, 2021
|
Page: MET05-J. Ensure that constructors do not call overridable methods
|
Joseph C. Sible |
Apr 04, 2022
|
Page: MET06-J. Do not invoke overridable methods in clone()
|
Winfried Gerlach |
Jan 25, 2022
|
Page: MET07-J. Never declare a class method that hides a method declared in a superclass or superinterface
|
Michal Rozenau |
May 18, 2021
|
Page: MET08-J. Preserve the equality contract when overriding the equals() method
|
Jon O'Donnell |
Aug 06, 2021
|
Page: MET09-J. Classes that define an equals() method must also define a hashCode() method
|
Jon O'Donnell |
Aug 06, 2021
|
Page: MET10-J. Follow the general contract when implementing the compareTo() method
|
Jon O'Donnell |
Aug 06, 2021
|
Page: MET11-J. Ensure that keys used in comparison operations are immutable
|
Michal Rozenau |
May 18, 2021
|
Page: MET12-J. Do not use finalizers
|
Michal Rozenau |
May 18, 2021
|
Page: MET13-J. Do not assume that reassigning method arguments modifies the calling environment
|
Jon O'Donnell |
Mar 31, 2021
|
Page: MET50-J. Avoid ambiguous or confusing uses of overloading
|
Michal Rozenau |
Jan 10, 2023
|
Page: MET51-J. Do not use overloaded methods to differentiate between runtime types
|
Will Snavely |
Nov 16, 2017
|
Page: MET52-J. Do not use the clone() method to copy untrusted method parameters
|
Michal Rozenau |
Jan 10, 2023
|
Page: MET53-J. Ensure that the clone() method calls super.clone()
|
Michal Rozenau |
Jan 10, 2023
|
Page: MET54-J. Always provide feedback about the resulting value of a method
|
Will Snavely |
Nov 16, 2017
|
Page: MET55-J. Return an empty array or collection instead of a null value for methods that return an array or collection
|
Will Snavely |
Nov 16, 2017
|
Page: MET56-J. Do not use Object.equals() to compare cryptographic keys
|
Will Snavely |
Nov 16, 2017
|
Page: MITRE CAPEC
|
Derek Leung |
Dec 03, 2018
|
Page: MITRE CWE
|
Derek Leung |
Dec 03, 2018
|
Page: MSC00-J. Use SSLSocket rather than Socket for secure data exchange
|
Michal Rozenau |
Feb 26, 2021
|
Page: MSC01-J. Do not use an empty infinite loop
|
Michal Rozenau |
May 18, 2021
|
Page: MSC02-J. Generate strong random numbers
|
Jon O'Donnell |
May 19, 2022
|