1. CVE-Search
  2. CVE-2020-27221
ID CVE-2020-27221
Summary In Eclipse OpenJ9 up to and including version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding.
References
Vulnerable Configurations
  • cpe:2.3:a:eclipse:openj9:0.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.8:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.8.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.8.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.8.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.8.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.8.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.8.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.9.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.9.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.9.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.9.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.9.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.10.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.10.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.10.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.10.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.10.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.10.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.11.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.11.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.11.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.11.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.11.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.11.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:milestone2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.13.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.13.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.13.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.13.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.13.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.13.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.15.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.15.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.15.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.15.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.16.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.16.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.16.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.16.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.16.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.16.0:milestone2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.17.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.17.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.17.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.17.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.17.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.17.0:milestone2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.18.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.18.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.18.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.18.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.18.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.18.0:milestone2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.19.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.19.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.19.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.19.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.19.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.19.0:milestone2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.20.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.20.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.20.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.20.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.20.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.20.0:milestone2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.21.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.21.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.21.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.21.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.21.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.21.0:milestone2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.22.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.22.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.22.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.22.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.22.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.22.0:milestone2:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 02-03-2021 - 21:09)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm https://bugs.eclipse.org/bugs/show_bug.cgi?id=569763
Last major update 02-03-2021 - 21:09
Published 21-01-2021 - 05:15
Last modified 02-03-2021 - 21:09
Back to Top