Java Bytecode Verifier Allows Execution Past End of Bytecode Array in Eclipse OpenJ9
CVE-2019-10245 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load.
Learn more about our Web Application Penetration Testing UK.