An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information.
Max CVSS
7.5
EPSS Score
0.84%
Published
2019-12-26
Updated
2020-01-14
1 vulnerabilities found