We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-10917

Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength



Description

In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters.

Reserved 2024-11-06 | Published 2024-11-11 | Updated 2024-11-12 | Assigner eclipse


LOW: 3.7CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Problem types

CWE-190 Integer Overflow or Wraparound

Product status

Default status
unaffected

0.8.0
affected

References

gitlab.eclipse.org/security/cve-assignement/-/issues/47

github.com/eclipse-openj9/openj9/pull/20362

github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0

cve.org (CVE-2024-10917)

nvd.nist.gov (CVE-2024-10917)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-10917

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.