jre-openjdk

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description OpenJDK Java 23 full runtime environment
Version 23.0.1.u0-2 [extra-testing]
23.0.1.u0-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2686 18-1 18.0.1u10-1 High Fixed
AVG-2188 16.0.1.u9-1 16.0.2.u7-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2022-21496 AVG-2686 Medium Yes Unknown Unknown
CVE-2022-21449 AVG-2686 High Yes Insufficient validation
The ECDSA signature verification from java 15 onward accecpted completely blank signatures as valid for an arbitrary message and public key.
CVE-2022-21443 AVG-2686 Low Yes Unknown Unknown
CVE-2022-21434 AVG-2686 Medium Yes Unknown Unknown
CVE-2022-21426 AVG-2686 Medium Yes Unknown Unknown
CVE-2021-2388 AVG-2188 High Yes Arbitrary code execution
A security issue has been found in the Hotspot component of OpenJDK versions 7u301, 8u291, 11.0.11 and 16.0.1. A difficult to exploit vulnerability allows...
CVE-2021-2369 AVG-2188 Medium Yes Arbitrary code execution
A security issue has been found in the Library component of OpenJDK versions 7u301, 8u291, 11.0.11 and 16.0.1. An easily exploitable vulnerability allows...
CVE-2021-2341 AVG-2188 Medium Yes Information disclosure
A security issue has been found in the Networking component of OpenJDK versions 7u301, 8u291, 11.0.11 and 16.0.1. A difficult to exploit vulnerability...

Advisories

Date Advisory Group Severity Type
22 Jul 2021 ASA-202107-66 AVG-2188 High multiple issues