Oracle Java SE Sandbox Bypass VulnerabilityNVD
Known Exploited Vulnerability
CVE-2012-5076, Oracle Java SE Sandbox Bypass Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.
The following remediation steps are recommended / required by April 18, 2022: Apply updates per vendor instructions.