jdk17-openjdk
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | OpenJDK Java 17 development kit |
| Version | 17.0.11.u9-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2687 | 17.0.2-1 | 17.0.3.u7-2 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2022-21496 | AVG-2687 | Medium | Yes | Unknown | Unknown |
| CVE-2022-21476 | AVG-2687 | High | Yes | Unknown | Unknown |
| CVE-2022-21449 | AVG-2687 | High | Yes | Insufficient validation | The ECDSA signature verification from java 15 onward accecpted completely blank signatures as valid for an arbitrary message and public key. |
| CVE-2022-21443 | AVG-2687 | Low | Yes | Unknown | Unknown |
| CVE-2022-21434 | AVG-2687 | Medium | Yes | Unknown | Unknown |
| CVE-2022-21426 | AVG-2687 | Medium | Yes | Unknown | Unknown |