CVE-2018-12547
CVE-2018-12547
In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code.
Affected products
The Eclipse Foundation · Eclipse OpenJ9Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://access.redhat.com/errata/RHSA-2019:0469https://access.redhat.com/errata/RHSA-2019:0472https://access.redhat.com/errata/RHSA-2019:0473https://access.redhat.com/errata/RHSA-2019:0474https://access.redhat.com/errata/RHSA-2019:0640https://access.redhat.com/errata/RHSA-2019:1238https://bugs.eclipse.org/bugs/show_bug.cgi?id=543659