AVG-2686 log

Package jdk-openjdk, jre-openjdk, jre-openjdk-headless
Status Fixed
Severity High
Type multiple issues
Affected 18-1
Fixed 18.0.1u10-1
Current 18.0.2.u9-1 [extra]
Ticket None
Created Tue May 3 19:31:22 2022
Advisory Pending
Issue Severity Remote Type Description
CVE-2022-21496 Medium Yes Unknown
CVE-2022-21449 High Yes Insufficient validation
The ECDSA signature verification from java 15 onward accecpted completely blank signatures as valid for an arbitrary message and public key.
CVE-2022-21443 Low Yes Unknown
CVE-2022-21434 Medium Yes Unknown
CVE-2022-21426 Medium Yes Unknown