Download
| Alert*
CVE-2017-10356 -- openjdk-6-jdk, openjdk-9-jdk
Francesco Palmarini, Marco Squarcina, Mauro Tempesta, Riccardo Focardi, and Tobias Ospelt discovered that the Security component in OpenJDK did not sufficiently protect password-based encryption keys in key stores. An attacker could use this to expose sensitive information.
|