Home / Vulnerability Database / Kotlin : Determining type via class name comparison

Kotlin

Kotlin : Determining type via class name comparison

Classification

CWE

Overview

The application determines the type of an object based on a class name. Undefined behavior and malicious code injection is possible.

An attacker can create a class of the same name with the malicious code, which will be executed by an application. The class name should not be used as an object type identifier.

References

CWE-486: Comparison of Classes by Name

LOW

Kotlin : Determining type via class name comparison

Classification

Overview

References

DerScanner Severity Score

Do you want to fix Kotlin : Determining type via class name comparison in your application?

See also

Kotlin : Missing required cryptographic step

Kotlin : Logging into system output

Kotlin : Call of notify() in synchronized block