3 matches found
UnsafeAccessor 1.4.0 until 1.7.0 has no security checking for UnsafeAccess.getInstance()
Overview Affected versions have no limit to using unsafe-accessor. Can be ignored if SecurityCheck.AccessLimiter not setup Details If UA was loaded as a named module, the internal data of UA will be protected by JVM and others can only access UA via UA's standard api. Main application can setup...
CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...
CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor
UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...