Description
The code contains a function or method that operates in a multi-threaded environment but owns an unsafe non-final static storable or member data element.
Potential Impact
Other
Reduce Reliability
Related Weaknesses
Taxonomy Mappings
- OMG ASCRM: ASCRM-RLB-11 —
Frequently Asked Questions
What is CWE-1058?
CWE-1058 (Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The code contains a function or method that operates in a multi-threaded environment but owns an unsafe non-final static storable or member data element.
How can CWE-1058 be exploited?
Attackers can exploit CWE-1058 (Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element) to reduce reliability. This weakness is typically introduced during the Implementation phase of software development.
How do I prevent CWE-1058?
Follow secure coding practices, conduct code reviews, and use automated security testing tools (SAST/DAST) to detect this weakness early in the development lifecycle.
What is the severity of CWE-1058?
CWE-1058 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.