Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:16891
HistoryMay 02, 2019 - 5:29 a.m.

Sandbox Restrictions Bypass

2019-05-0205:29:23
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

0.071 Low

EPSS

Percentile

94.0%

java is vulnerable to sandbox restrictions bypass. Lack of proper deserialization in an AccessController doPrivileged block allows remote attackers to bypass sandbox restrictions and execute arbitrary code via the readValue method of com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class.

References

0.071 Low

EPSS

Percentile

94.0%