CVE-2021-2161 log

Severity Medium
Remote Yes
Type Incorrect calculation
It was discovered that the implementation of ProcesBuilder in the Libraries component of OpenJDK on the Windows platform did not properly detect command arguments that were not quoted correctly. This could lead to manipulation of command arguments when executing processes with arguments from untrusted sources. This issue did not affect OpenJDK builds on the Linux platform. It is fixed in versions 16.0.1, 11.0.11, 8u291, and 7u301.
Group Package Affected Fixed Severity Status Ticket
AVG-1868 jdk7-openjdk 7.u261_2.6.22-1 Medium Not affected
AVG-1867 jdk8-openjdk 8.u282-1 8.u292-1 Medium Not affected
AVG-1866 jdk11-openjdk 11.0.10.u9-1 11.0.11.u9-1 Medium Not affected
AVG-1865 jdk-openjdk 15.0.2.u7-1 Medium Not affected