---

CVE-2017-3539 - log back

CVE-2017-3539 created at 25 Sep 2019 19:31:40
Severity	+ Low
Remote	+ Remote
Type	+ Access restriction bypass
Description	+ It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm.
References	+ http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/1f2ff3f1882a
Notes