CWE-495: Private Data Structure Returned From A Public Method
The product has a method that is declared public, but returns a reference to a private data structure, which could then be modified in unexpected ways.
Technical Details
- Structure: Simple
Applicable To: C, C++, Java, C#
Security Consequences
- Scope: Integrity
- Impact: Modify Application Data
- Note: The contents of the data structure can be modified from outside the intended scope, so any invariant the class enforces in its own methods (bounds, ordering, consistency between fields) can be silently broken by a caller holding the returned reference.
Mitigation Strategies
- Declare the method private.
- Clone the member data and keep an unmodified version of the data private to the object.
- Use public setter methods that govern how a private member can be modified.
Two practical points when applying these: the clone must be deep enough for the element type, since a shallow copy of an array or collection of mutable objects still hands out references to those objects; and where copying is too expensive, a read-only view (a const reference in C++, an unmodifiable wrapper such as Collections.unmodifiableList in Java) prevents writes but still exposes the live state, so it is a mitigation for integrity only, not for confidentiality of later changes.
Detection Methods
No detection method information available for this CWE.
Code Examples & CVEs
Demonstrative Examples
Here, a public method in a Java class returns a reference to a private array. Given that arrays in Java are mutable, any modifications made to the returned reference would be reflected in the original private array.
In this example, the Color class defines functions that return non-const references to private members (an array type and an integer type), which are then arbitrarily altered from outside the control of the class.
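The C++ program below is an added illustration written for this page; it is not MITRE's demonstrative example and the class and function names (LeakyColor, GuardedColor, leakyCanBeCorrupted, guardedStaysValid) are invented. It places a Color-style class that returns non-const references beside a hardened version applying the three mitigations listed above, and covers the Java array case as well, since a C array member handed out through a pointer behaves the same way as a returned Java array reference.

```cpp
#include <algorithm>
#include <array>
#include <cstddef>
#include <cstdio>
#include <stdexcept>

// Example code added for this page (not MITRE's demonstrative example).
// All class and function names are invented for illustration.

// Weak form of the pattern the page describes: public members hand out
// non-const references to private storage, so an outside caller can write
// to the object without going through any validation (CWE-495).
class LeakyColor {
public:
    LeakyColor() : rgb_{0, 0, 0}, alpha_(255) {}

    // Decays to a pointer into the private array; every write lands in the object.
    int* rgb() { return rgb_; }
    // Non-const reference to a private integer; same problem for a scalar.
    int& alpha() { return alpha_; }

    // Invariant the class is supposed to maintain: every channel in 0..255.
    bool invariantHolds() const {
        for (int c : rgb_) {
            if (c < 0 || c > 255) return false;
        }
        return alpha_ >= 0 && alpha_ <= 255;
    }

private:
    int rgb_[3];
    int alpha_;
};

// Hardened form applying the three mitigations:
//  - the mutable accessor is private, not public;
//  - readers receive a copy (clone) of the member data;
//  - writes go through setters that enforce the invariant.
class GuardedColor {
public:
    GuardedColor() : rgb_{0, 0, 0}, alpha_(255) {}

    // Returned by value: the caller gets a copy and cannot reach rgb_.
    std::array<int, 3> rgb() const { return rgb_; }
    int alpha() const { return alpha_; }

    void setChannel(std::size_t i, int v) {
        if (i >= rgb_.size()) throw std::out_of_range("channel index");
        raw()[i] = clamp(v);
    }
    void setAlpha(int v) { alpha_ = clamp(v); }

    bool invariantHolds() const {
        for (int c : rgb_) {
            if (c < 0 || c > 255) return false;
        }
        return alpha_ >= 0 && alpha_ <= 255;
    }

private:
    // Mutable access to the array exists only inside the class
    // ("declare the method private").
    std::array<int, 3>& raw() { return rgb_; }
    static int clamp(int v) { return std::min(255, std::max(0, v)); }

    std::array<int, 3> rgb_;
    int alpha_;
};

// Code that sees only the public interface, standing in for an outside caller.
// Returns true when the caller managed to break the object's invariant.
bool leakyCanBeCorrupted() {
    LeakyColor c;
    int* channels = c.rgb();
    channels[0] = 999;   // out of range, written straight into the private array
    c.alpha() = -1;      // same through the integer reference
    return !c.invariantHolds();
}

// The same attempts against the hardened class. Returns true when the object
// stays valid and the caller's edits only touched the caller's own copy.
bool guardedStaysValid() {
    GuardedColor c;
    std::array<int, 3> copy = c.rgb();
    copy[0] = 999;        // modifies the copy, not the object
    c.setChannel(0, 999); // clamped to 255 by the setter
    c.setAlpha(-1);       // clamped to 0
    return c.invariantHolds() && c.rgb()[0] == 255 && c.alpha() == 0;
}

int main() {
    std::printf("leaky class corrupted from outside: %s\n", leakyCanBeCorrupted() ? "yes" : "no");
    std::printf("guarded class still valid:          %s\n", guardedStaysValid() ? "yes" : "no");
    return 0;
}
```

Returning `const std::array<int, 3>&` instead of a copy would also stop the writes shown here at compile time, at the cost of exposing later changes to the object through the reference; for an array of pointers or of mutable objects, neither a const reference to the container nor a shallow copy protects the pointed-to elements, which is why the clone must match the depth of the data it guards.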
CWE Relationships
No relationship information available for this CWE.
Frequently Asked Questions
What is CWE-495: Private Data Structure Returned From A Public Method?
CWE-495: Private Data Structure Returned From A Public Method is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product has a method that is declared public, but returns a reference to a private data structure, which could then be modified in unexpected ways.
What are the security consequences of Private Data Structure Returned From A Public Method?
If exploited, CWE-495 (Private Data Structure Returned From A Public Method) can compromise Integrity, leading to outcomes such as Modify Application Data: a caller holding the returned reference can alter the object's internal state without passing through any validation the class performs.
How do you prevent or mitigate Private Data Structure Returned From A Public Method?
Recommended mitigations for CWE-495 include declaring the method private; cloning the member data and keeping an unmodified version private to the object; and using public setter methods that govern how a private member can be modified.
Which programming languages are affected by Private Data Structure Returned From A Public Method?
CWE-495 commonly affects C, C++, Java and C#. C has no access modifiers, so there the pattern is a function that returns a pointer into a struct's internal storage rather than a copy. Weaknesses are often language-agnostic patterns, and the same issue arises in any language where a getter can return a reference to mutable internal state, so secure coding practices apply broadly.
What is the difference between a CWE and a CVE?
A CWE (Common Weakness Enumeration) like CWE-495 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.