漏洞信息详情

Eclipse OpenJ9 缓冲区错误漏洞

  • CNNVD编号:CNNVD-202101-1655
  • 危害等级: 超危
  • CVE编号: CVE-2020-27221
  • 漏洞类型: 缓冲区错误
  • 发布时间: 2021-01-21
  • 威胁类型: 远程
  • 更新时间: 2021-02-25
  • 厂        商:
  • 漏洞来源:

漏洞简介

Eclipse OpenJ9是Eclipse基金会的一款Java应用程序引擎。该产品主要用于运行Java应用程序。

Eclipse OpenJ9 up to version 0.23 存在缓冲区错误漏洞,该漏洞源于虚拟机或JNI原生机将UTF-8字符转换为平台编码时,可能会出现基于堆栈的缓冲区溢出。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=569763

参考网址

来源:CONFIRM

链接:https://bugs.eclipse.org/bugs/show_bug.cgi?id=569763

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0618

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Eclipse-OpenJ9-buffer-overflow-via-UTF-8-Characters-Encoding-34587

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-cves-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-designer-used-in-ibm-business-automation-workflow-and-ibm-business-process-manager-3/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0562

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-websphere-service-registry-and-repository-and-websphere-service-registry-and-repository-studio-january-2021-cpu/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-cves-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-designer-used-in-ibm-business-automation-workflow-and-ibm-business-process-manager-2/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0683

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2020-27221

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0653

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2020-27221

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-messagegateway-cve-2020-14803-cve-2020-27221/

受影响实体

    暂无


漏洞信息快速查询

相关漏洞

更多