Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a user to observe uninitialized values.
CVSS Information
N/A
Vulnerability Type
资源初始化缺失
Vulnerability Title
Eclipse OpenJ9 安全漏洞
Vulnerability Description
Eclipse OpenJ9是Eclipse基金会的一款Java应用程序引擎。该产品主要用于运行Java应用程序。 Eclipse Openj9 0.25版本存在安全漏洞,该漏洞源于jdk.internal.reflect.ConstantPool API会导致JVM在某些情况下预先解析某些常量池项。这允许用户在不运行类初始化方法的情况下调用静态方法或访问静态成员,并允许用户观察未初始化的值。
CVSS Information
N/A
Vulnerability Type
N/A