EUVD-2021-28188

Malicious code in bioql PyPI...

K53146535: Multiple Sun Java vulnerabilities

Security Advisory Description CVE-2013-5870 Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2013-5878 Unspecified vulnerability in Oracle Java SE 6u65 and...

SUSE CVE-2021-41035

In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods...

Security Bulletin: IBM Workload Scheduler potentially affected by vulnerability in Eclipse Openj9 (CVE-2021-41041)

Summary Eclipse Openj9 is vulnerable to attacks bypassing security restrictions that can potentially affect IBM Workload Scheduler 9.5 and IBM Workload Scheduler 10.1 Vulnerability Details CVEID:CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security...

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Netcool Configuration Manager (CVE-2021-41041).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Netcool Configuration Manager IP Edition v6.4.2. Vulnerability Details CVEID:CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused...

Security Bulletin: The IBM® Engineering Lifecycle Engineering products using IBM Java - Eclipse OpenJ9 is vulnerable to CVE-2021-41041

Summary A flaw in Eclipse OpenJ9 allows unverified bytecode to be executed using MethodHandles. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Systems Design Rhapsody, IBM Jazz Reporting Service,...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update July 2022

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that is used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates up to July 2022. IBM 8 SR7 FP15 1.8.0341. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An...

Security Bulletin: Vulnerabilities in Eclipse OpenJ9 affects AIX LPARs in IBM PureData System for Operational Analytics (CVE-2021-41041)

Summary There are one or more vulnerabilities in Eclipse OpenJ9 that is used in IBM PureData System for Operational Analytics AIX based LPARs CVE-2021-41041. Vulnerability Details CVEID:CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, cause...

Security Bulletin: CVE-2021-41041 may affect IBM® Semeru Runtime

Summary CVE-2021-41041 was addressed in Eclipse OpenJ9 version 0.32 Vulnerability Details CVEID:CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by failing to throw the exception captured during bytecode verification when verificatio...

RHEL 8 : java-1.8.0-ibm (RHSA-2022:5837)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5837 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

java-11-openj9,java-1_8_0-openj9: unverified methods can be invoked using MethodHandles

In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles...

IBM Java 7.0 < 7.0.11.0 / 7.1 < 7.1.5.0 / 8.0 < 8.0.7.0

The version of IBM Java installed on the remote host is prior to 7.0 7.0.11.0 / 7.1 7.1.5.0 / 8.0 8.0.7.0. It is, therefore, affected by a vulnerability as referenced in the IBM Security Update November 2021 advisory. - In Eclipse Openj9 before version 0.29.0, the JVM does not throw...

UBUNTU-CVE-2021-41041

In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles...

JDK: IllegalAccessError exception not thrown for MethodHandles that invoke inaccessible interface methods

In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods...

CVE-2021-41035

In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods...

CVE-2021-41035

In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods...

CVE-2021-41035

CVE-2021-41035 affects Eclipse OpenJ9 prior to 0.29.0. The root cause is that the JVM does not throw IllegalAccessError for MethodHandles invoking inaccessible interface methods. This could allow a remote attacker to gain elevated privileges and execute arbitrary code on the system; exploitation ...

CVE-2021-41035

In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods...

Eclipse Openj9 安全漏洞

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A security vulnerability exists in Eclipse Openj9 versions prior to 0.29.0 that stems from the JVM not throwing an IllegalAccessError exception for MethodHandles that...

Arbitrary Code Execution

java is vulnerable to arbitrary code execution. The vulnerability exists as MethodHandles in HotSpot JVM does not properly handle methods...