What the vulnerability does

01Description

In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles.

Key dates

02Disclosure timeline

April 27, 2022 CVE published
August 4, 2024 Record updated