Описание
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingMitigationVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingMitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:eclipse:openj9:0.11.0:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00719
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-111
CWE-20
Связанные уязвимости
CVSS3: 9.8
redhat
почти 7 лет назад
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.
CVSS3: 9.8
github
больше 3 лет назад
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.
CVSS3: 9.8
fstec
около 7 лет назад
Уязвимость компонента OpenJ9 JIT compiler виртуальной машины Eclipse OpenJ9, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 72%
0.00719
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-111
CWE-20