{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-10917","assignerOrgId":"e51fbebd-6053-4e49-959f-1b94eeb69a2c","state":"PUBLISHED","assignerShortName":"eclipse","dateReserved":"2024-11-06T09:21:23.318Z","datePublished":"2024-11-11T16:55:11.393Z","dateUpdated":"2024-11-12T20:14:21.838Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Open J9","repo":"https://github.com/eclipse-openj9/openj9","vendor":"Eclipse Foundation","versions":[{"lessThanOrEqual":"0.47.0","status":"affected","version":"0.8.0","versionType":"semver"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters."}],"value":"In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":3.7,"baseSeverity":"LOW","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-190","description":"CWE-190 Integer Overflow or Wraparound","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"e51fbebd-6053-4e49-959f-1b94eeb69a2c","shortName":"eclipse","dateUpdated":"2024-11-11T16:55:11.393Z"},"references":[{"url":"https://gitlab.eclipse.org/security/cve-assignement/-/issues/47"},{"url":"https://github.com/eclipse-openj9/openj9/pull/20362"},{"url":"https://github.com/eclipse-openj9/openj9/releases/tag/openj9-0.48.0"}],"source":{"discovery":"UNKNOWN"},"title":"Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-11-12T15:44:26.956117Z","id":"CVE-2024-10917","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-12T20:14:21.838Z"}}]}}