CVE-2018-12547 - AskarLabs CVE Database

CVE-2018-12547

Vendor The Eclipse Foundation

Product Eclipse OpenJ9

Weakness CWE-20 · Input validation

Published February 11, 2019

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code.

Key dates

02Disclosure timeline

February 11, 2019 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-12547

Related vulnerabilities

04Related CVE

CVE-2024-2650 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-39553 Apache Airflow Drill Provider Arbitrary File Read Vulnerability CVE-2018-15422 Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities CVE-2024-20666 BitLocker Security Feature Bypass Vulnerability CVE-2021-26607 TOBESOFT NEXACRO17 arbitrary command execution vulnerability