Lucene search
EclipseCVELIST:CVE-2021-28167HistoryApr 21, 2021 - 5:30 p.m.
CVE-2021-28167
2021-04-2117:30:16
CWE-909
eclipse
www.cve.org
1
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a user to observe uninitialized values.
CNA Affected
[
{
"vendor": "The Eclipse Foundation",
"product": "Eclipse OpenJ9",
"versions": [
{
"version": "unspecified",
"lessThanOrEqual": "0.25.0",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
ibm
ibm
Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Business Developer
2022-12-06 17:14:26
osv
osv
CVE-2021-28167
2021-04-21 18:15:08
cve
cve
CVE-2021-28167
2021-04-21 18:15:08
vulnrichment
vulnrichment
CVE-2021-28167
2021-04-21 17:30:16
prion
prion
Design/Logic Flaw
2021-04-21 18:15:00
nvd
nvd
CVE-2021-28167
2021-04-21 18:15:08
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2022-12-22 10:09:37
nessus
nessus