CVE-2024-10917

Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength

CVSS 3.7 LOWEPSS 0.4%CWE-190

In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Produtos afetados

Eclipse Foundation · Open J9

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/eclipse-openj9/openj9/pull/20362 https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0 https://gitlab.eclipse.org/security/cve-assignement/-/issues/47