CVE-2019-11774

Name of the Vulnerable Software and Affected Versions Eclipse OMR versions prior to 0.1

Description The issue arises when the loop versioner fails to privatize a value pulled out of the loop by versioning. This can occur when a condition is moved out of the loop and reads a field, resulting in the test seeing one value of the field and the loop seeing a modified field value without retesting the condition. This can lead to various issues, including reading out of array bounds.

Recommendations For Eclipse OMR versions prior to 0.1, consider updating to a version that addresses this issue, as the current version may allow for unauthorized access to array values due to the loop versioner's failure to privatize values correctly. At the moment, there is no information about a newer version that contains a fix for this vulnerability.