Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2023-5676
HistoryNov 15, 2023 - 2:15 p.m.

CVE-2023-5676

2023-11-1514:15:07
CWE-364
CWE-362
[email protected]
web.nvd.nist.gov
80
cve-2023-5676
eclipse openj9
jvm
sigterm
sigint
sighup
security vulnerability

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON

In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.

Affected configurations

NVD
Node
eclipseopenj9Range<0.41.0
CPENameOperatorVersion
eclipse:openj9eclipse openj9lt0.41.0

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "OpenJ9",
    "vendor": "Eclipse Foundation",
    "versions": [
      {
        "lessThan": "0.41.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Related

ibm 97
cvelist 1
osv 1
prion 1
redhatcve 1
nvd 1
nessus 9
redhat 2
aix 1
openvas 2
ibm
ibm
Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Host On-Demand
2024-05-02 14:13:34
Security Bulletin: A vulnerability in IBM Java affects IBM ILOG CPLEX Optimization Studio (CVE-2023-5676)
2024-02-14 08:15:06
Security Bulletin: The IBM® Engineering Lifecycle Engineering products using IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023 - Includes Oracle October 2023 CPU plus are vulnerable to CVE-2023-5676
2024-01-12 06:00:04
cvelist
cvelist
CVE-2023-5676 Eclipse OpenJ9 possible infinite busy hang
2023-11-15 14:02:01
osv
osv
CVE-2023-5676
2023-11-15 14:15:07
prion
prion
Design/Logic Flaw
2023-11-15 14:15:00
redhatcve
redhatcve
CVE-2023-5676
2023-11-17 10:44:47
nvd
nvd
CVE-2023-5676
2023-11-15 14:15:07
nessus
nessus
IBM Java 7.1 < 7.1.5.20 / 8.0 < 8.0.8.15
2023-11-17 00:00:00
openSUSE 15 Security Update : java-1_8_0-openj9 (SUSE-SU-2023:4612-1)
2023-11-29 00:00:00
CentOS 7 : java-1.8.0-ibm (RHSA-2024:0879)
2024-02-20 00:00:00
redhat
redhat
(RHSA-2024:0879) Moderate: java-1.8.0-ibm security update
2024-02-20 08:52:56
(RHSA-2024:0866) Moderate: java-1.8.0-ibm security update
2024-02-19 17:55:11
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2023-12-18 09:27:21
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:4572-1)
2023-11-28 00:00:00
openSUSE: Security Advisory for java (SUSE-SU-2024:0479-1)
2024-03-04 00:00:00

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON
Related for CVE-2023-5676
ibm97cvelist1osv1prion1redhatcve1nvd1nessus9redhat2aix1openvas2