CVE-2018-12548

2019-01-3120:29:00

Google

osv.dev

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

51.3%

JSON

In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.crypto.jniprovider.NativeCrypto class contains public static natives which accept pointer values that are dereferenced in the native code.

CPENameOperatorVersion
openj9eqopenj9-0.11.0-rc1
openj9eqopenj9-0.9.0-rc1
openj9eqopenj9-0.10.0-rc1
openj9eqopenj9-0.8.0-rc1
openj9eqopenj9-0.8.0-rc2
openj9eqopenj9-0.0M1
openj9eqopenj9-0.0
openj9eqopenj9-0.0RC2
openj9eqopenj9-0.11.0
openj9eqopenj9-0.8.0

Name	Operator	Version
openj9	eq	openj9-0.11.0-rc1
openj9	eq	openj9-0.9.0-rc1
openj9	eq	openj9-0.10.0-rc1
openj9	eq	openj9-0.8.0-rc1
openj9	eq	openj9-0.8.0-rc2
openj9	eq	openj9-0.0M1
openj9	eq	openj9-0.0
openj9	eq	openj9-0.0RC2
openj9	eq	openj9-0.11.0
openj9	eq	openj9-0.8.0

Rows per page:

1-10 of 111

References

bugs.eclipse.org/bugs/show_bug.cgi?id=543792