CVE-2018-12547

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-12547

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12547.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-12547

Related

Published

2019-02-11T15:29:00Z

Modified

2024-09-03T02:04:39.533126Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf() and jiovsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code.

References

Affected packages

Git / github.com/eclipse/openj9

Affected ranges

Type: GIT
Repo: https://github.com/eclipse/openj9
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

04890c30076872e4c5286727d4d63473c41674e8

Affected versions

openj9-0.*

openj9-0.0

openj9-0.0M1

openj9-0.0RC2

openj9-0.10.0-rc1

openj9-0.11.0

openj9-0.11.0-rc1

openj9-0.11.0-rc2

openj9-0.12.0-m1

openj9-0.12.0-m2

openj9-0.12.0-rc1

openj9-0.8.0

openj9-0.8.0-rc1

openj9-0.8.0-rc2

openj9-0.9.0-rc1