...
EXC13-EX0: Classes that sanitize exceptions to comply with a security policy are permitted to translate specific exceptions into more general exceptions. This translation could potentially result in throwing RuntimeException or Exception in some cases, depending on the details of the security policy.
EXC13-EX1: Widely used pre-existing APIs whose previous versions contain methods that throw RuntimeException or Exception may continue to do so, to preserve backwards compatibility. We strongly encourage maintainers of such APIs to consider deprecating such methods, replacing them with methods that throw more specific exceptions.
Risk Assessment
Throwing RuntimeException and Exception prevents classes from catching the intended exceptions without catching other unintended exceptions as well.
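The following added example (not part of the original rule text) shows the risk in practice: a caller that must catch RuntimeException also swallows an unintended NullPointerException, while a caller of the specific-exception version does not. The class, method and exception names (Exc13Demo, UnknownUserException, roleGeneric, roleSpecific) are hypothetical.

```java
import java.util.Map;

public class Exc13Demo {
    // Hypothetical specific exception for the one failure callers are expected to handle.
    static class UnknownUserException extends IllegalArgumentException {
        UnknownUserException(String user) { super("unknown user: " + user); }
    }

    // Constructed sample data.
    static final Map<String, String> ROLES = Map.of("alice", "admin");

    // Noncompliant: reports the expected failure with a bare RuntimeException.
    static String roleGeneric(String user) {
        String role = ROLES.get(user.trim());   // NullPointerException if user is null
        if (role == null) throw new RuntimeException("unknown user");
        return role;
    }

    // Compliant: reports the expected failure with a specific type.
    static String roleSpecific(String user) {
        String role = ROLES.get(user.trim());   // NullPointerException if user is null
        if (role == null) throw new UnknownUserException(user);
        return role;
    }

    // The only way to handle roleGeneric's failure is to catch RuntimeException,
    // so a null argument (a programming defect) is silently mapped to "guest".
    static String callerGeneric(String user) {
        try { return roleGeneric(user); }
        catch (RuntimeException e) { return "guest"; }
    }

    // Only the intended failure is handled; a NullPointerException propagates
    // and the defect stays visible to the caller.
    static String callerSpecific(String user) {
        try { return roleSpecific(user); }
        catch (UnknownUserException e) { return "guest"; }
    }

    public static void main(String[] args) {
        System.out.println("generic,  unknown user: " + callerGeneric("bob"));
        System.out.println("generic,  null input:   " + callerGeneric(null));
        System.out.println("specific, unknown user: " + callerSpecific("bob"));
        try {
            callerSpecific(null);
        } catch (NullPointerException e) {
            System.out.println("specific, null input:   NullPointerException propagated");
        }
    }
}
```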
...