CVE-2018-12548

Summary

In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.crypto.jniprovider.NativeCrypto class contains public static natives which accept pointer values that are dereferenced in the native code.

Affected Software

VendorProductVersion RangeStatus
The Eclipse FoundationEclipse OpenJ90.11.0affected

Weaknesses

  • CWE-822: CWE-822: Untrusted Pointer Dereference

ADP Enrichment

CVE Program Container

Additional References

References