Unrated severityNVD Advisory· Published Apr 21, 2021· Updated Aug 3, 2024
CVE-2021-28167
CVE-2021-28167
Description
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a user to observe uninitialized values.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- The Eclipse Foundation/Eclipse OpenJ9v5Range: unspecified
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.