1. Home
  2. Weaknesses
  3. CWE-487

CWE-487: Reliance on Package-level Scope

ID CWE-487
Abstraction Base
Structure Simple
Status Incomplete
Detail Web & Social
Java packages are not inherently closed; therefore, relying on them for code security is not a good practice.

The purpose of package scope is to prevent accidental access by other parts of a program. This is an ease-of-software-development feature but not a security feature.

Modes of Introduction

Phase Note
Implementation

Applicable Platforms

Type Class Name Prevalence
Language Java

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-664 Improper Control of a Resource Through its Lifetime Pillar Simple Draft