Lucene search
HistoryOct 24, 2022 - 2:15 p.m.
CVE-2022-3676
cve-2022-3676
eclipse openj9
memory access
incompatible type
bytecode
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
48.4%
In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.
Affected configurations
Node
eclipseopenj9Range<0.35.0
Related
prion
prion
Design/Logic Flaw
2022-10-24 14:15:00
ibm
ibm
Security Bulletin: Vulnerability in Eclipse OpenJ9 affects Rational Performance Tester (CVE-2022-3676)
2023-06-16 19:07:26
nessus
nessus
SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2022:4591-1)
2022-12-21 00:00:00
SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2022:4602-1)
2022-12-23 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0375-1)
2023-02-13 00:00:00
openSUSE: Security Advisory for java (SUSE-SU-2023:0375-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:4591-1)
2022-12-21 00:00:00
cvelist
cvelist
CVE-2022-3676
2022-10-24 00:00:00
osv
osv
CVE-2022-3676
2022-10-24 14:15:51
java-1_8_0-openj9-1.8.0.352-1.1 on GA media
2024-06-15 00:00:00
java-17-openj9-17.0.5.0-1.1 on GA media
2024-06-15 00:00:00
cve
cve
CVE-2022-3676
2022-10-24 14:15:51
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2022-12-22 10:09:37
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
48.4%
Related for NVD:CVE-2022-3676