Motoyasu Saburi discovered that OpenJDK 20 incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-22006) Eirik Bjørsnøs discovered that OpenJDK 20 incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-22036) David Stancu discovered that OpenJDK 20 had a flaw in the AES cipher implementation. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22041) Zhiqiang Zang discovered that OpenJDK 20 incorrectly handled array accesses when using the binary '%' operator. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22044) Zhiqiang Zang discovered that OpenJDK 20 incorrectly handled array accesses. An attacker could possibly use this issue to obtain sensitive information. (CVE-2023-22045) It was discovered that OpenJDK 20 incorrectly sanitized URIs strings. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-22049) It was discovered that OpenJDK 20 incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-25193)
Continue reading...
Continue reading...
