Recent Java Sandbox escapes
Andrew Haley
aph at redhat.com
Wed Sep 9 08:49:46 UTC 2020
On 19/08/2020 22:46, Alkanor Oumbratok wrote:
>
> I may be wrong on both points, and I would be really grateful if
> someone could explain why these 2 CVE have been rated this high
> whereas at first glance there isn't any really exploitable related
> scenario.
The first rule of the OpenJDK Vulerability Group is: You do not talk
about the OpenJDK Vulerability Group. :-)
In particular, we do not reveal exploits. Sorry.
--
Andrew Haley (he/him)
Java Platform Lead Engineer
Red Hat UK Ltd. <https://www.redhat.com>
https://keybase.io/andrewhaley
EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671
More information about the security-dev
mailing list