Vulnerabilities (CVE)

Vendor filter

Eclipse Subscribe

Product filter

Openj9 Subscribe


4 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-11771 1 Eclipse 1 Openj9 2019-07-19 4.6
AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
CVE-2018-12549 2 Eclipse, Redhat 5 Openj9, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2019-05-16 7.5
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.
CVE-2018-12539 2 Eclipse, Oracle 2 Openj9, Enterprise Manager Base Platform 2019-05-10 4.6
In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted...
CVE-2018-12548 1 Eclipse 1 Openj9 2019-02-20 7.5
In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.crypto.jniprovider.NativeCrypto class contains public static natives which accept pointer values that are dereferenced in the native code.