CVE-2018-12547

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-12547
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-12547.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-12547
Related
Published
2019-02-11T15:29:00Z
Modified
2024-10-12T03:09:39.530580Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf() and jiovsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code.

References

Affected packages

Git / github.com/eclipse/openj9

Affected ranges

Type
GIT
Repo
https://github.com/eclipse/openj9
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

openj9-0.*

openj9-0.0
openj9-0.0M1
openj9-0.0RC2
openj9-0.10.0-rc1
openj9-0.11.0
openj9-0.11.0-rc1
openj9-0.11.0-rc2
openj9-0.12.0-m1
openj9-0.12.0-m2
openj9-0.12.0-rc1
openj9-0.8.0
openj9-0.8.0-rc1
openj9-0.8.0-rc2
openj9-0.9.0-rc1