CVEbaza.plSłownik CWECWE-111
Common Weakness Enumeration

CWE-111

Direct Use of Unsafe JNI

Kategoria: VariantCVE: 2
Opis

Gdy aplikacja Java używa Java Native Interface (JNI) do wywoływania kodu napisanego w innym języku programowania, może to narazić aplikację na podatności obecne w tym kodzie, nawet jeśli takie podatności nie mogą wystąpić w Javie.

Description (EN)

When a Java application uses the Java Native Interface (JNI) to call code written in another programming language, it can expose the application to weaknesses in that code, even if those weaknesses cannot occur in Java.

Podatności CVE z CWE-111 (2)
9.8
CVSS
CRITICAL
CVE-2018-12549

In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.

pub. 2019-02-11
8.1
CVSS
HIGH
CVE-2016-9160

A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.

pub. 2016-12-17
Informacje
ID: CWE-111
Typ: Variant
Podatności: 2
MITRE CWE ↗
← Słownik CWE