Deprecated methods should not be used in new code. Refer to the complete list of deprecated APIs available in the Java SE 6 documentation [[API 2006]].
The guideline THI01-J. Do not invoke ThreadGroup methods describes issues that can result from using deprecated and obsolete methods.
A class is obsolete if it is unofficially deprecated. For example, the java.util.Dictionary
class provides the same functionality as the Map
interface and is generally outmoded. The java.util.Calendar
class suffers from multi-threading related issues and so does its subclasses, such as java.util.GregorianCalendar
. Similarly, all the subclasses of the abstract
class java.text.Format
are thread-unsafe. These classes must be avoided in multi-threaded code.
Risk Assessment
Using deprecated methods in program code can lead to unexpected, ill-defined behavior.
Guideline |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
---|---|---|---|---|---|
MET15-J |
high |
likely |
medium |
P18 |
L1 |
Automated Detection
TODO
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Bibliography
[[API 2006]] Deprecated API
[[SDN 2008]] Bug database, Bug ID 4264153
[[MITRE 2009]] CWE ID 589
MET14-J. Follow the general contract when implementing the compareTo method 16. Methods (MET) MET16-J. Ensure that the clone method calls super.clone