CVE-2024-20921

First published: Thu Jan 11 2024(Updated: )

A flaw was found in the loop optimizations performed by the Hotspot component of OpenJDK when generating range check predicates. An untrusted Java application or applet could use this flaw to corrupt JVM memory and cause it to crash or, possibly, execute arbitrary code, bypassing Java sandbox restrictions.

Credit: secalert_us@oracle.com secalert_us@oracle.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/first-publish-date
• agent/type
• agent/severity
• agent/remedy
• collector/nvd-cve
• source/NVD
• agent/author
• collector/redhat-bugzilla
• source/Red Hat
• alias/CVE-2024-20921
• collector/launchpad-cve
• source/Launchpad
• collector/epss-latest
• source/FIRST
• agent/epss
• collector/ibm-support
• source/IBM
• agent/software-canonical-lookup
• collector/mitre-cve
• source/MITRE
• collector/nvd-api
• agent/weakness
• agent/last-modified-date
• collector/usn-cve
• source/Ubuntu
• agent/softwarecombine
• agent/tags
• agent/references
• agent/description
• agent/event
• collector/security-tracker-debian
• source/Debian
• vendor/ibm
• canonical/ibm cognos analytics
• version/ibm cognos analytics/12.0.0-12.0.2
• version/ibm cognos analytics/11.2.0-11.2.4 fp3
• package-manager/debian