Vulnerability in The Eclipse Foundation Openj9

CVE-2018-12549

In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.

EPSS: 0.007 (72.9th percentile) — read the EPSS interpretation.

Affected products

The Eclipse Foundation Openj9 — versions 0.11.0

Weakness classification (CWE)

CWE-111

References

RHSA-2019:0469 (x_refsource_REDHAT, vendor-advisory)
RHSA-2019:0472 (x_refsource_REDHAT, vendor-advisory)
bugs.eclipse.org/bugs/show_bug.cgi (x_refsource_CONFIRM)
RHSA-2019:0640 (x_refsource_REDHAT, vendor-advisory)
RHSA-2019:1238 (x_refsource_REDHAT, vendor-advisory)