Lucene search
+L

17 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:26 a.m.8 views

CVE-2021-28167

In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a us...

6.5CVSS6.7AI score0.01104EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/19 2:57 p.m.20 views

Security Bulletin: Multiple vulnerabilities in IBM Java - OpenJ9 affect IBM Tivoli System Automation Application Manager (CVE-2021-28167)

Summary There are multiple vulnerabilities in IBM Java Eclipse-OpenJ9 Edition used by IBM Tivoli System Automation Application Manager. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|---...

6.5CVSS6.8AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/19 2:26 p.m.25 views

Security Bulletin: Multiple vulnerabilities in IBM Java - OpenJ9 affect IBM Tivoli System Automation for Multiplatforms (CVE-2021-28167)

Summary There are multiple vulnerabilities in IBM Java Eclipse-OpenJ9 used by v4.1.0.4 to v4.1.0.7 of IBM Tivoli System Automation for Multiplatforms. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products|...

6.5CVSS6.8AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/17 12:9 a.m.40 views

Security Bulletin: A vulnerability in IBM Java Runtime affects SPSS Collaboration and Deployment Services (CVE-2021-28167)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by SPSS Collaboration and Deployment Services. This issue has been addressed. Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions,...

6.5CVSS6.5AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/16 12:4 p.m.22 views

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Netcool Configuration Manager (CVE-2021-28167).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Netcool Configuration Manager IP Edition v6.4.2. Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused...

6.5CVSS6.4AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/03 9:21 a.m.21 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering products are vulnerable to CVE-2021-28167

Summary A flaw in Eclipse OpenJ9 allows malicious code to access static methods and fields in classes before those classes have been initialized. Following IBM® Engineering Lifecycle Engineering product is vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Systems...

6.5CVSS6.6AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/27 8:14 a.m.31 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering products are vulnerable to CVE-2021-28167

Summary A flaw in Eclipse OpenJ9 allows malicious code to access static methods and fields in classes before those classes have been initialized. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM...

6.5CVSS6.6AI score0.01104EPSS
Exploits1Affected Software1
IBM AIX
IBM AIX
added 2022/12/22 10:9 a.m.39 views

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Thu Dec 22 10:09:37 CST 2022 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javadec2022advisory.asc https://aix.software.ibm.com/aix/efixes/security/javadec2022advisory.asc...

6.5CVSS6.7AI score0.03566EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/22 8:22 a.m.36 views

Security Bulletin: Vulnerability (CVE-2021-28167) in Eclipse Openj9 affects CICS Transaction Gateway Desktop Edition

Summary Eclipse Openj9 is used by CICS Transaction Gateway Desktop Edition. The fix removes vulnerability CVE-2021-28167 that could allow a remote attacker to bypass security restrictions. Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypa...

6.5CVSS6.7AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/06 5:14 p.m.31 views

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Business Developer

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtim...

6.5CVSS6.4AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/06 4:12 p.m.23 views

Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2021-28167)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about a security vulnerability affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

6.5CVSS6.3AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 11:21 a.m.20 views

Security Bulletin: A security vulnerability has been identified in IBM Java shipped with IBM Intelligent Operations Center (CVE-2021-28167)

Summary A vulnerability have been identified in IBM MQ and Java 8 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details Refer to th...

6.5CVSS6.9AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/24 2:41 p.m.32 views

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM ILOG CPLEX Optimization Studio (CVE-2021-28167)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass securi...

6.5CVSS6.5AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/23 1:10 p.m.32 views

Security Bulletin: Vulnerability in IBM Java SDK affects Cloud Pak System [CVE-2021-28167]

Summary Vulnerability in IBM Java SDK affects OS Image for Red Hat Linux Systems shipped with Cloud Pak System. Cloud Pak System has addressed vulnerability. CVE-2021-28167 Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security...

6.5CVSS6.5AI score0.01104EPSS
Exploits1Affected Software1
OSV
OSV
added 2021/04/21 6:15 p.m.15 views

CVE-2021-28167

In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a us...

6.5CVSS6.6AI score
Exploits0References2
CVE
CVE
added 2021/04/21 5:30 p.m.101 views

CVE-2021-28167

CVE-2021-28167 affects IBM Java/OpenJ9; the root cause is the jdk.internal.reflect.ConstantPool API, which can cause pre-resolution of certain constant pool entries, allowing a user to call static methods or access static members without class initialization and potentially observe uninitialized ...

6.5CVSS6.2AI score0.01104EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/04/21 5:30 p.m.17 views

CVE-2021-28167

In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a us...

6.6AI score0.01104EPSS
Exploits1References2
Rows per page
Query Builder