MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2023-5676

CVSS 4.1v3.1pub. 2023-11-15upd. 2025-11-03

In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  • Eclipse Openj9

    APP
    Eclipse
    < 0.41.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2021-41035CRITICAL9.8ten sam produkt

In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invo...

CVE-2020-27221CRITICAL9.8ten sam produkt

In Eclipse OpenJ9 up to and including version 0.23, there is potential for a stack-based buffer overflow when ...

CVE-2019-17631CRITICAL9.1ten sam produkt

From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnosti...

CVE-2019-11772CRITICAL9.8ten sam produkt

In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the pr...

CVE-2018-12547CRITICAL9.8ten sam produkt

In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored ...