CVE-2025-4447

Severity: 7.0 HIGH
EPSS: 0.2% (top 53.69%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published May 9

Description

In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8, a stack-based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:N/SA:N

Affected Packages (2 packages)

NVD: eclipse/openj9 0.8.0 0.51.0
CVEListV5: eclipse_foundation/openj9 0.8.0 0.49.0

🔴 Vulnerability Details (2)

CVEList: Buffer Overflow in Eclipse OpenJ9 (2025-05-09)
GHSA: GHSA-wmvg-c6fc-33c8: In Eclipse OpenJ9 versions up to 0 (2025-05-09)

📋 Vendor Advisories (1)

Red Hat: java-1.8.0-ibm: Buffer Overflow in Eclipse OpenJ9 (2025-05-09)