vulnerability

IBM Java: IBM Security Update March 2019 (CVE-2018-12547)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Feb 11, 2019
Added
Mar 12, 2019
Modified
May 21, 2019

Description

In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code.

Solution(s)

ibm-java-upgrade-7_0_10_40ibm-java-upgrade-7_1_4_40ibm-java-upgrade-8_0_5_30
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.