Openj9 Security Vulnerabilities and Issues — Openj9 CVE List

Lucene search

EclipseOpenj9

3 matches found

CVE•added 2019/07/17 9:15 p.m.•97 views

CVE-2019-11772

In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within ...

9.8CVSS8.4AI score0.00871EPSS

CVE•added 2019/07/30 2:15 p.m.•82 views

CVE-2019-11775

All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the mod...

7.4CVSS8.2AI score0.01505EPSS

CVE•added 2019/07/17 9:15 p.m.•71 views

CVE-2019-11771

AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.

7.8CVSS7.9AI score0.00043EPSS