CVE-2024-10917

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/47", "name": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/47", "tags": ["Issue Tracking", "Vendor Advisory"], "refsource": ""}, {"url": "https://github.com/eclipse-openj9/openj9/pull/20362", "name": "https://github.com/eclipse-openj9/openj9/pull/20362", "tags": ["Issue Tracking", "Patch"], "refsource": ""}, {"url": "https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0", "name": "https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0", "tags": ["Release Notes"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-190"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-10917", "ASSIGNER": "security@eclipse.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}}, "publishedDate": "2024-11-11T17:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:eclipse:openj9:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "0.48.0", "versionStartIncluding": "0.8.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-01-09T18:08Z"}