CVE-2019-17631

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-17631

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-17631.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-17631

Related

RHSA-2019:4113
RHSA-2019:4115
RHSA-2020:0006
RHSA-2020:0046
SUSE-SU-2020:0001-1
SUSE-SU-2020:0024-1

Published

2019-10-17T18:15:12Z

Modified

2024-09-02T23:07:11Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks.

References

https://access.redhat.com/errata/RHSA-2019:4113
https://access.redhat.com/errata/RHSA-2019:4115
https://access.redhat.com/errata/RHSA-2020:0006
https://access.redhat.com/errata/RHSA-2020:0046
https://bugs.eclipse.org/bugs/show_bug.cgi?id=552129

Affected packages

Git / github.com/eclipse/openj9

Affected ranges

Type: GIT
Repo: https://github.com/eclipse/openj9
Events: Introduced

4a7a6b2b1e74c15ddbe8fea47e3d3fba21f91cd6

Last affected

867dab457f2ca8110d65599ed5ad2e785f0b6a3a