12 matches found
EUVD-2022-6324
Malicious code in bioql PyPI...
CVE-2022-31139
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
GHSA-CR6P-23CF-W9G9 UnsafeAccessor 1.4.0 until 1.7.0 has no security checking for UnsafeAccess.getInstance()
Overview Affected versions have no limit to using unsafe-accessor. Can be ignored if SecurityCheck.AccessLimiter not setup Details If UA was loaded as a named module, the internal data of UA will be protected by JVM and others can only access UA via UA's standard api. Main application can setup...
UnsafeAccessor 1.4.0 until 1.7.0 has no security checking for UnsafeAccess.getInstance()
Overview Affected versions have no limit to using unsafe-accessor. Can be ignored if SecurityCheck.AccessLimiter not setup Details If UA was loaded as a named module, the internal data of UA will be protected by JVM and others can only access UA via UA's standard api. Main application can setup...
CVE-2022-31139
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
Code injection
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
CVE-2022-31139
The CVE-2022-31139 entry concerns UnsafeAccessor (UA), a bridge to access jdk.internal.misc.Unsafe and sun.misc.Unsafe. According to the connected sources, when SecurityCheck.AccessLimiter is configured, untrusted code can access UA without limitation even if UA is loaded as a named module; this ...
CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
PT-2022-20558 · Unknown · Unsafeaccessor
Name of the Vulnerable Software and Affected Versions: UnsafeAccessor versions 1.4.0 through 1.6.x Description: The issue concerns UnsafeAccessor UA, a bridge to access jdk.internal.misc.Unsafe and sun.misc.Unsafe. Normally, when UA is loaded as a named module, its internal data is protected by t...
UnsafeAccessor 信息泄露漏洞
UnsafeAccessor is an unsafe accessor by the individual developer of Micro Ying - Fiber Aya Karlatemp. Used as a bridge to access jdk.internal.misc.Unsafe & sun.misc. UnsafeAccessor versions 1.4.0 through 1.7.0 contain an information disclosure vulnerability that stems from unrestricted access to...