Can JavaScript engines that run on the JVM be used to implement the Spectre exploit?

Exploiting Spectre (and Meltdown) requires the ability to time things with reasonably high precision (on a modern CPU, in the tens of nanoseconds range). JavaScript engines that don't do JIT compiling don't provide the precision needed to do this.


The current JavaScript engine in OpenJDK is interpreted, which makes these kinds of attacks difficult. The speculative execution is limited and the timings to detect the cache change are tight. It doesn't seem a high-bandwidth attack in the best of cases.

However, expect to be surprised. The speculative execution could happen in one step without going back to the JavaScript. As JavaScript has relatively free rein over the Java library, perhaps there's something in there that could do the timing as a side-effect.

On the third hand, if I were developing an exploit for fun or profit (I'm not), I'd choose a much easier and more worthwhile target.
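
Added example (not part of the original answers): a small audit that measures the tick size of every clock a script can reach, which is the property both answers hinge on. The `REQUIRED_NS` threshold and the clock list are assumptions; when auditing an embedded engine, replace `hostClocks` with whatever time sources that engine actually exposes to scripts.

```javascript
// Assumed threshold, taken from the "tens of nanoseconds" figure quoted above.
const REQUIRED_NS = 100;

// Smallest observed non-zero step of `readNs`, a function returning nanoseconds.
// Returns Infinity when the clock never advances within the spin budget.
function tickSizeNs(readNs, samples = 50, maxSpins = 5e6) {
  let smallest = Infinity;
  for (let i = 0; i < samples; i++) {
    const start = readNs();
    let now = start;
    let spins = 0;
    // Busy-wait until the clock reports a new value.
    while (now === start && spins++ < maxSpins) now = readNs();
    if (now === start) break;            // frozen or heavily clamped clock
    const delta = now - start;
    if (delta > 0) smallest = Math.min(smallest, delta); // ignore backward jumps
  }
  return smallest;
}

// Report, per clock, the tick size and whether it is finer than the threshold.
function auditClocks(clocks) {
  return Object.entries(clocks).map(([name, readNs]) => {
    const tickNs = tickSizeNs(readNs);
    return { name, tickNs, fineEnough: tickNs <= REQUIRED_NS };
  });
}

// Clocks available in a typical host; values are converted to nanoseconds.
const hostClocks = { 'Date.now': () => Date.now() * 1e6 };
if (typeof performance !== 'undefined') {
  hostClocks['performance.now'] = () => performance.now() * 1e6;
}

console.log(auditClocks(hostClocks));
```

A clock reported as `fineEnough: false` is too coarse on its own for the timing the first answer describes; one reported as `true` is a candidate for clamping or removal from the script's environment.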