Failure to define wrappers around native methods can allow unprivileged callers to invoke them and exploit inherent vulnerabilities such as buffer overflows in native libraries.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
JNI01-J | P27 | L1 |
CWE-111. Direct use of unsafe JNI | |
Secure Coding Guidelines for the Java Programming Language, Version 4.0 | Guideline 9-9. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance |
[JNI 2006] |
|
|