CVE-2024-0136

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A...

NVIDIA Container Toolkit 安全漏洞

NVIDIA Container Toolkit is a container toolkit from NVIDIA, Inc. Allows users to build and run GPU-accelerated containers. A security vulnerability exists in NVIDIA Container Toolkit that stems from the inclusion of an incorrect isolation vulnerability, where a specially crafted container image...

GHSA-CR6P-23CF-W9G9 UnsafeAccessor 1.4.0 until 1.7.0 has no security checking for UnsafeAccess.getInstance()

Overview Affected versions have no limit to using unsafe-accessor. Can be ignored if SecurityCheck.AccessLimiter not setup Details If UA was loaded as a named module, the internal data of UA will be protected by JVM and others can only access UA via UA's standard api. Main application can setup...

CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor

UnsafeAccessor UA is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...

PT-2022-20558 · Unknown · Unsafeaccessor

Name of the Vulnerable Software and Affected Versions: UnsafeAccessor versions 1.4.0 through 1.6.x Description: The issue concerns UnsafeAccessor UA, a bridge to access jdk.internal.misc.Unsafe and sun.misc.Unsafe. Normally, when UA is loaded as a named module, its internal data is protected by t...