{"id":"CVE-2019-17631","details":"From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks.","modified":"2026-04-10T04:16:01.978832Z","published":"2019-10-17T18:15:12.813Z","related":["SUSE-SU-2020:0001-1","SUSE-SU-2020:0024-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:4113"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:4115"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0006"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0046"},{"type":"REPORT","url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=552129"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/eclipse/openj9","events":[{"introduced":"4a7a6b2b1e74c15ddbe8fea47e3d3fba21f91cd6"},{"last_affected":"867dab457f2ca8110d65599ed5ad2e785f0b6a3a"}],"database_specific":{"versions":[{"introduced":"0.15.0"},{"last_affected":"0.16.0"}]}}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"5.8"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.1"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-17631.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}]}