5 matches found
CVE-2022-31139
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
io.github.karlatemp.jvm-hook-framework:api (=1.2.0), io.github.karlatemp.mxlib:mxlib-command (>=3.0-dev-16 <=3.0-dev-20) +15 more potentially affected by CVE-2022-31139 via io.github.karlatemp:unsafe-accessor (>=1.5.0 <=1.6.0)
io.github.karlatemp:unsafe-accessor MAVEN version =1.5.0, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =3.0-dev-16, =1.1, =2.1.0 and more Source cves: CVE-2022-31139 Source advisory: OSV:GHSA-CR6P-23CF-W9G9...
CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
CVE-2022-31139
The CVE-2022-31139 entry concerns UnsafeAccessor (UA), a bridge to access jdk.internal.misc.Unsafe and sun.misc.Unsafe. According to the connected sources, when SecurityCheck.AccessLimiter is configured, untrusted code can access UA without limitation even if UA is loaded as a named module; this ...
CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...