In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a user to observe uninitialized values.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: eclipse

Published: 2021-04-21T17:30:16

Updated: 2024-08-03T21:40:12.207Z

Reserved: 2021-03-12T00:00:00

Link: CVE-2021-28167

cve-icon Vulnrichment

Updated: 2024-08-03T21:40:12.207Z

cve-icon NVD

Status : Modified

Published: 2021-04-21T18:15:08.793

Modified: 2024-11-21T05:59:14.353

Link: CVE-2021-28167

cve-icon Redhat

No data.