{"id":"CVE-2021-41041","details":"In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles.","modified":"2026-03-14T11:11:09.644269Z","published":"2022-04-27T02:15:38.730Z","related":["SUSE-SU-2022:3092-1","openSUSE-SU-2024:12185-1","openSUSE-SU-2024:12186-1","openSUSE-SU-2025:0066-1"],"references":[{"type":"REPORT","url":"https://bugs.eclipse.org/bugs/show_bug.cgi?id=579744"},{"type":"FIX","url":"https://github.com/eclipse-openj9/openj9/pull/14935"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/eclipse/openj9","events":[{"introduced":"0"},{"fixed":"9a84ec34ed321967cdbe67b29ddcd732b591d051"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.32.0"}]}}],"versions":["openj9-0.0","openj9-0.0M1","openj9-0.0RC2","openj9-0.10.0-rc1","openj9-0.11.0","openj9-0.11.0-rc1","openj9-0.11.0-rc2","openj9-0.12.0-m1","openj9-0.12.0-m2","openj9-0.12.0-rc1","openj9-0.16.0-m1","openj9-0.17.0-m1","openj9-0.18.0-m1","openj9-0.19.0-m1","openj9-0.20.0-m1","openj9-0.21.0-m1","openj9-0.22.0-m1","openj9-0.23.0-m1","openj9-0.24.0-m1","openj9-0.26.0-m1","openj9-0.27.0-m1","openj9-0.29.0-m1","openj9-0.30.0-m1","openj9-0.30.0-m1a","openj9-0.32.0-m1","openj9-0.32.0-m1a","openj9-0.32.0-m2","openj9-0.8.0","openj9-0.8.0-rc1","openj9-0.8.0-rc2","openj9-0.9.0-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41041.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8"}]},{"events":[{"introduced":"0"},{"last_affected":"11"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}