CVE-2024-10917

Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength

CVSS 3.7 LOWEPSS 0.4%CWE-190

In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Productos afectados

Eclipse Foundation · Open J9

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/eclipse-openj9/openj9/pull/20362 https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0 https://gitlab.eclipse.org/security/cve-assignement/-/issues/47