Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a partial denial of service and a JNI function returning incorrect value length due to multiple vulnerabilities.

Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to an unauthenticated attacker performing a partial denial of service partial DOS CVE-2024-21208, CVE-2024-21217 and JNI function GetStringUTFLength returning incorrect value length when...

EUVD-2024-33347

Malicious code in bioql PyPI...

CVE-2024-10917

In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters...

IBM Java 7.1 < 7.1.5.24 / 8.0 < 8.0.8.35

The version of IBM Java installed on the remote host is 7.1 prior to 7.1.5.24 / 8.0 prior to 8.0.8.35. It is, therefore, affected by a vulnerability as referenced in the IBM Security Update December 2024 advisory. - In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may...

CVE-2024-10917

In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters...

PT-2024-16639 · Eclipse +2 · Eclipse Openj9 +2

Name of the Vulnerable Software and Affected Versions: Eclipse OpenJ9 versions up to 0.47 Description: The JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From version 0.48, the value is correct but may be truncated to include a smaller number of characters...