Vulnerabilities > Eclipse > Openj9 > 0.40.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-11 | CVE-2024-10917 | Integer Overflow or Wraparound vulnerability in Eclipse Openj9 In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. | 5.3 |
| 2024-05-27 | CVE-2024-3933 | Out-of-bounds Write vulnerability in Eclipse Openj9 In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage [1], could allow access to a buffer with an incorrect length value when executing an arraycopy sequence while the Concurrent Scavenge Garbage Collection cycle is active and the source and destination memory regions for arraycopy overlap. | 7.3 |
| 2023-11-15 | CVE-2023-5676 | Race Condition vulnerability in Eclipse Openj9 In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing. | 5.9 |