CVE-2019-10245 in Eclipse and Red Hat Products
Published on April 19, 2019
In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2019-10245
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-10245 are published in these products:
Affected Versions
The Eclipse Foundation Eclipse OpenJ9:- Version unspecified and below 0.14.0 is affected.
Exploit Probability
EPSS
1.59%
Percentile
81.40%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.