CVE-2019-10245
Description
In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.589
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2019:1238) java-1.8.0-ibm security update java-1.8.0-ibm-1.8.0.5.35-3.el8_0.x86_64.rpm | Linux |
| (RHSA-2019:1238) java-1.8.0-ibm security update java-1.8.0-ibm-demo-1.8.0.5.35-3.el8_0.x86_64.rpm | Linux |
| (RHSA-2019:1238) java-1.8.0-ibm security update java-1.8.0-ibm-devel-1.8.0.5.35-3.el8_0.x86_64.rpm | Linux |
| (RHSA-2019:1238) java-1.8.0-ibm security update java-1.8.0-ibm-headless-1.8.0.5.35-3.el8_0.x86_64.rpm | Linux |
| (RHSA-2019:1238) java-1.8.0-ibm security update java-1.8.0-ibm-jdbc-1.8.0.5.35-3.el8_0.x86_64.rpm | Linux |
| (RHSA-2019:1238) java-1.8.0-ibm security update java-1.8.0-ibm-plugin-1.8.0.5.35-3.el8_0.x86_64.rpm | Linux |
| (RHSA-2019:1238) java-1.8.0-ibm security update java-1.8.0-ibm-src-1.8.0.5.35-3.el8_0.x86_64.rpm | Linux |
| (RHSA-2019:1238) java-1.8.0-ibm security update java-1.8.0-ibm-webstart-1.8.0.5.35-3.el8_0.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234