From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:HEclipse Openj9
APPEclipse0.15.0 – 0.16.0Red Hat Enterprise Linux
OSRedhat8.0Red Hat Enterprise Linux Desktop
OSRedhat6.07.0Red Hat Enterprise Linux Eus
OSRedhat8.1Red Hat Enterprise Linux Server
OSRedhat6.07.0Red Hat Enterprise Linux Workstation
OSRedhat6.07.0Red Hat Satellite
APPRedhat5.8
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Referencje
Powiązane podatności
CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
CVE-2019-5544CRITICAL9.8⚠ KEVten sam produkt
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...
CVE-2018-14667CRITICAL9.8⚠ KEVten sam produkt
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserReso...
CVE-2016-4171CRITICAL9.8⚠ KEVten sam produkt
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbi...