Static Member Data Element outside of a Singleton Class Element
This weakness occurs when a class that isn't designed as a singleton (a class meant to have only one instance) contains a non-final static member variable. This creates a shared, mutable state across all instances of that class, which can lead to unexpected behavior and data corruption.
Using non-final static fields in a non-singleton class introduces a global, shared state that all object instances can read and modify. This breaks encapsulation and can cause subtle bugs where changes made by one part of the application unintentionally affect another, making the code difficult to reason about, test, and debug. It's a design flaw that violates the principle of least surprise. Beyond correctness issues, this pattern can degrade performance. The shared state often requires synchronization to be thread-safe, which adds overhead and can create bottlenecks. If an attacker can trigger or manipulate this shared data, the performance impact could be exploited in a denial-of-service scenario or to amplify other vulnerabilities.
Impact: Reduce Performance
- OMG ASCPEM