...
This noncompliant code example consists of class Mutable, which allows the internal array object to be modified. An untrusted invoker may call the mutator method setArray() and violate the object's immutability property. She may instead call the getter method getArray() and modify its contents directly. This is because this class also violates violates OBJ05-J. Defensively copy private mutable class members before returning their references.
...