OpenJDK Vulnerability Advisory: 2022/04/19

Andrew H. Gross andrew.gross at oracle.com
Tue Apr 19 20:31:20 UTC 2022


OpenJDK Vulnerability Advisory: 2022/04/19
vuln-report at openjdk.java.net
https://openjdk.java.net/groups/vulnerability/advisories

Releases affected: 7, 8, 11, 13, 15, 17, and 18


OpenJDK CVEs:
     CVE-2022-21426  CVE-2022-21434  CVE-2022-21443  CVE-2022-21449
     CVE-2022-21476  CVE-2022-21496


OpenJFX CVEs:
     None


Please note that defense-in-depth issues are not assigned CVEs.

These issues have been addressed, as applicable, in the following releases:
   7u341, 8u332, 11.0.15, 13.0.11, 15.0.7, 17.0.3, and 18.0.1

We recommend that you upgrade to these new releases as soon as possible.

For more detail about this advisory, please see:
https://openjdk.java.net/groups/vulnerability/advisories/2022-04-19

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://mail.openjdk.java.net/pipermail/vuln-announce/attachments/20220419/4d4927fc/OpenPGP_signature.bin>


More information about the vuln-announce mailing list