...
This noncompliant code example consists of two classes: an immutable final ImmutablePoint class and a mutable Holder class. Holder is mutable because a new ImmutablePoint instance can be assigned to it using the setPoint() method (see CON09-J. Synchronize access to Ensure visibility of shared references to immutable objects). The ImmutablePoint is final so that an attacker may not subclass it and assign a mutable subclass to ipoint.
...