{"id":"CVE-2025-4447","details":"In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.","modified":"2026-03-20T12:43:48.668044Z","published":"2025-05-09T21:15:51.410Z","related":["SUSE-SU-2025:01770-1","SUSE-SU-2025:01788-1","SUSE-SU-2025:01954-1","openSUSE-SU-2025:15231-1"],"references":[{"type":"REPORT","url":"https://github.com/eclipse-openj9/openj9/pull/21762"},{"type":"REPORT","url":"https://gitlab.eclipse.org/security/cve-assignement/-/issues/61"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/eclipse/openj9","events":[{"introduced":"e24e8aa9bdffadfff8564ac605b0003928dcd1aa"},{"last_affected":"31cf5538b0a4875a2310e917a80bb16c81065d3c"}],"database_specific":{"versions":[{"introduced":"0.8.0"},{"last_affected":"0.51.0"}]}}],"versions":["openj9-0.10.0-rc1","openj9-0.11.0","openj9-0.11.0-rc1","openj9-0.11.0-rc2","openj9-0.12.0-m1","openj9-0.12.0-m2","openj9-0.12.0-rc1","openj9-0.16.0-m1","openj9-0.17.0-m1","openj9-0.18.0-m1","openj9-0.19.0-m1","openj9-0.20.0-m1","openj9-0.21.0-m1","openj9-0.22.0-m1","openj9-0.23.0-m1","openj9-0.24.0-m1","openj9-0.26.0-m1","openj9-0.27.0-m1","openj9-0.29.0-m1","openj9-0.30.0-m1","openj9-0.30.0-m1a","openj9-0.33.0-m1","openj9-0.35.0-m1","openj9-0.51.0","openj9-0.8.0","openj9-0.8.0-rc2","openj9-0.9.0-rc1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-4447.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}