nvd-json-data-feeds/CVE-2024/CVE-2024-109xx/CVE-2024-10917.json

{
  "id": "CVE-2024-10917",
  "sourceIdentifier": "emo@eclipse.org",
  "published": "2024-11-11T17:15:04.203",
  "lastModified": "2025-01-09T18:08:16.097",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters."
    },
    {
      "lang": "es",
      "value": "En las versiones de Eclipse OpenJ9 hasta la 0.47, la funci\u00f3n JNI GetStringUTFLength puede devolver un valor incorrecto que se ha repetido una y otra vez. A partir de la 0.48, el valor es correcto, pero puede estar truncado para incluir una cantidad menor de caracteres."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "emo@eclipse.org",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "baseScore": 3.7,
          "baseSeverity": "LOW",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4
      },
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "emo@eclipse.org",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ]
    },
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:eclipse:openj9:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "0.8.0",
              "versionEndExcluding": "0.48.0",
              "matchCriteriaId": "FCC7DE02-3642-44C5-BBA7-81914AB315E6"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/eclipse-openj9/openj9/pull/20362",
      "source": "emo@eclipse.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ]
    },
    {
      "url": "https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0",
      "source": "emo@eclipse.org",
      "tags": [
        "Release Notes"
      ]
    },
    {
      "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/47",
      "source": "emo@eclipse.org",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ]
    }
  ]
}
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`{`
			`"id": "CVE-2024-10917",`
			`"sourceIdentifier": "emo@eclipse.org",`
			`"published": "2024-11-11T17:15:04.203",`
Auto-Update: 2025-01-09T19:00:29.420592+00:00 2025-01-09 19:03:54 +00:00			`"lastModified": "2025-01-09T18:08:16.097",`
			`"vulnStatus": "Analyzed",`
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters."`
Auto-Update: 2024-11-12T15:00:38.996511+00:00 2024-11-12 15:03:42 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "En las versiones de Eclipse OpenJ9 hasta la 0.47, la funci\u00f3n JNI GetStringUTFLength puede devolver un valor incorrecto que se ha repetido una y otra vez. A partir de la 0.48, el valor es correcto, pero puede estar truncado para incluir una cantidad menor de caracteres."`
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "emo@eclipse.org",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"baseScore": 3.7,`
			`"baseSeverity": "LOW",`
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`"attackVector": "NETWORK",`
			`"attackComplexity": "HIGH",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "LOW",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "NONE"`
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`},`
			`"exploitabilityScore": 2.2,`
			`"impactScore": 1.4`
Auto-Update: 2025-01-09T19:00:29.420592+00:00 2025-01-09 19:03:54 +00:00			`},`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",`
			`"baseScore": 5.3,`
			`"baseSeverity": "MEDIUM",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "LOW",`
			`"availabilityImpact": "NONE"`
			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 1.4`
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "emo@eclipse.org",`
			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-190"`
			`}`
			`]`
Auto-Update: 2025-01-09T19:00:29.420592+00:00 2025-01-09 19:03:54 +00:00			`},`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-190"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:eclipse:openj9::::::::",`
			`"versionStartIncluding": "0.8.0",`
			`"versionEndExcluding": "0.48.0",`
			`"matchCriteriaId": "FCC7DE02-3642-44C5-BBA7-81914AB315E6"`
			`}`
			`]`
			`}`
			`]`
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://github.com/eclipse-openj9/openj9/pull/20362",`
Auto-Update: 2025-01-09T19:00:29.420592+00:00 2025-01-09 19:03:54 +00:00			`"source": "emo@eclipse.org",`
			`"tags": [`
			`"Issue Tracking",`
			`"Patch"`
			`]`
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`},`
			`{`
			`"url": "https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0",`
Auto-Update: 2025-01-09T19:00:29.420592+00:00 2025-01-09 19:03:54 +00:00			`"source": "emo@eclipse.org",`
			`"tags": [`
			`"Release Notes"`
			`]`
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`},`
			`{`
			`"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/47",`
Auto-Update: 2025-01-09T19:00:29.420592+00:00 2025-01-09 19:03:54 +00:00			`"source": "emo@eclipse.org",`
			`"tags": [`
			`"Issue Tracking",`
			`"Vendor Advisory"`
			`]`
Auto-Update: 2024-11-11T19:02:50.076488+00:00 2024-11-11 19:05:52 +00:00			`}`
			`]`
			`}`