jdk-openjdk

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description OpenJDK Java 23 development kit
Version 23.0.1.u0-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2686 18-1 18.0.1u10-1 High Fixed
AVG-2477 17.u35-1 17.0.1.u12-1 Medium Fixed
AVG-1865 15.0.2.u7-1 Medium Not affected
AVG-1847 15.0.2.u7-1 16.0.1.u9-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2022-21496 AVG-2686 Medium Yes Unknown Unknown
CVE-2022-21449 AVG-2686 High Yes Insufficient validation
The ECDSA signature verification from java 15 onward accecpted completely blank signatures as valid for an arbitrary message and public key.
CVE-2022-21443 AVG-2686 Low Yes Unknown Unknown
CVE-2022-21434 AVG-2686 Medium Yes Unknown Unknown
CVE-2022-21426 AVG-2686 Medium Yes Unknown Unknown
CVE-2021-35603 AVG-2477 Low Yes Information disclosure
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the security-libs/javax.net.ssl component. A difficult to...
CVE-2021-35586 AVG-2477 Medium Yes Denial of service
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the client-libs/javax.imageio component. An easily...
CVE-2021-35578 AVG-2477 Medium Yes Denial of service
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the security-libs/javax.net.ssl component. An easily...
CVE-2021-35567 AVG-2477 Medium Yes Information disclosure
A security issue has been found in OpenJDK before versions 8u312, 11.0.13 and 17.0.1 in the security-libs/java.security component. An easily exploitable...
CVE-2021-35564 AVG-2477 Medium Yes Denial of service
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the security-libs/java.security component. An easily...
CVE-2021-35561 AVG-2477 Medium Yes Denial of service
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the core-libs/java.util component. An easily exploitable...
CVE-2021-35559 AVG-2477 Medium Yes Denial of service
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the security-libs/javax.net.ssl component. An easily...
CVE-2021-35556 AVG-2477 Medium Yes Denial of service
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the client-libs/javax.swing component. An easily exploitable...
CVE-2021-2163 AVG-1847 Medium Yes Insufficient validation
A security issue was found in the way the Libraries component of OpenJDK enforced constraints defined in the jdk.jar.disabledAlgorithms security property....
CVE-2021-2161 AVG-1865 Medium Yes Incorrect calculation
It was discovered that the implementation of ProcesBuilder in the Libraries component of OpenJDK on the Windows platform did not properly detect command...