CWE-487βReliance on Package-level Scope
PUBLISHEDweakness recordMedium
released 2006-07-19 Β· last modified 2025-12-11
Metadata
Weakness Name
Reliance on Package-level Scope
Description
Java packages are not inherently closed; therefore, relying on them for code security is not a good practice.
The purpose of package scope is to prevent accidental access by other parts of a program. This is an ease-of-software-development feature but not a security feature.