CVE-2024-10917

Published Nov 11, 2024

Last updated 5 days ago

CVSS low 3.7

Overview

Description
In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters.
Source
emo@eclipse.org
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
3.7
Impact score
1.4
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity
LOW

Weaknesses

emo@eclipse.org
CWE-190

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2024-10917 (Published: 2024-11-11) - High severity vulnerability in Eclipse. Affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/kCdSokiqzn #CyberSecurity #Eclipse

    @transilienceai

    14 Nov 2024

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References