Examples from the book The CERT Oracle Secure Coding Standard for Java (SEI Series in Software Engineering)
I highly recommend studying this book to learn secure coding. This repo covers some examples from the book, but you should read the book itself to understand why each example is insecure and what can be done about it.
Security in computer systems has been a serious issue for decades. This past decade’s explosion in the dependence on networks and the computers connected to them has raised the issue to stratospheric levels. When Java was first designed, dealing with security was a key component. And in the years since then, all of the various standard libraries, frameworks, and containers that have been built have had to deal with security too. In the Java world, security is not viewed as an add-on feature. It is a pervasive way of thinking. Those who forget to think in a secure mindset end up in trouble. But just because the facilities are there doesn’t mean that security is assured automatically. A set of standard practices has evolved over the years. The CERT® Oracle® Secure Coding Standard for Java™ is a compendium of these practices. These are not theoretical research papers or product marketing blurbs. This is all serious, mission-critical, battle-tested, enterprise-scale stuff.
https://www.amazon.com/Oracle-Secure-Standard-Software-Engineering-ebook/dp/B005LVNX5W