Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:2 a.m.22 views

CVE-2022-31139

UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...

7.5CVSS7AI score0.01091EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/07/12 10:15 p.m.4 views

io.github.karlatemp.jvm-hook-framework:api (=1.2.0), io.github.karlatemp.mxlib:mxlib-command (>=3.0-dev-16 <=3.0-dev-20) +15 more potentially affected by CVE-2022-31139 via io.github.karlatemp:unsafe-accessor (>=1.5.0 <=1.6.0)

io.github.karlatemp:unsafe-accessor MAVEN version =1.5.0, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =1.1, =2.1.0 and more Source cves: CVE-2022-31139 Source advisory: OSV:GHSA-CR6P-23CF-W9G9...

7.5CVSS7.1AI score0.01091EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/07/11 6:25 p.m.5 views

CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor

UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...

5.9CVSS7.6AI score0.01091EPSS
Exploits0References3
CVE
CVE
added 2022/07/11 6:25 p.m.663 views

CVE-2022-31139

The CVE-2022-31139 entry concerns UnsafeAccessor (UA), a bridge to access jdk.internal.misc.Unsafe and sun.misc.Unsafe. According to the connected sources, when SecurityCheck.AccessLimiter is configured, untrusted code can access UA without limitation even if UA is loaded as a named module; this ...

7.5CVSS6.6AI score0.01091EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/07/11 6:25 p.m.48 views

CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor

UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...

5.9CVSS7.8AI score0.01091EPSS
Exploits0References3
Rows per page
Query Builder