...
A compliant solution must comply with CON32-J. Protect accessible mutable Synchronize access to static fields from that may be modified by untrusted code. However, the attacker intentionally violates CON20-J. Do not perform operations that may block while holding a lock in the untrusted code.
...