CVE-2024-10917

CVSS V2 None CVSS V3 None

Description

In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters.

Overview

CVE ID
CVE-2024-10917

Assigner
eclipse

Vulnerability Status
PUBLISHED

Published Version
2024-11-11T16:55:11.393Z

Last Modified Date
2024-11-11T16:55:11.393Z

Weakness Enumerations

CWE	URL
CWE-190	http://cwe.mitre.org/data/definitions/190.html

References

Reference URL	Reference Tags
https://gitlab.eclipse.org/security/cve-assignement/-/issues/47
https://github.com/eclipse-openj9/openj9/pull/20362
https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-10917
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10917

History

Created	Old Value	New Value	Data Type	Notes
2024-11-12 13:19:18				Added to TrackCVE