← back
CVE-2018-12548

CVE-2018-12548

EPSS 1.1%CWE-822
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
31 Jan 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.crypto.jniprovider.NativeCrypto class contains public static natives which accept pointer values that are dereferenced in the native code.
Affected products
The Eclipse Foundation · Eclipse OpenJ9

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.eclipse.org/bugs/show_bug.cgi?id=543792