Lucene search

Signature Verification Bypass

🗓️ 22 Apr 2022 22:37:35Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 122 Views

Signature Verification Bypass in Oracle Jav

Reporter	Title	Published	Views	Family All 103
Debian CVE	CVE-2022-21449	19 Apr 202221:15	–	debiancve
Prion	Design/Logic Flaw	19 Apr 202221:15	–	prion
CNVD	Oracle Java SE Input Validation Error Vulnerability (CNVD-2022-32662)	22 Apr 202200:00	–	cnvd
Vulnrichment	CVE-2022-21449	19 Apr 202220:37	–	vulnrichment
GithubExploit	Exploit for CVE-2022-21449	29 Jul 202216:33	–	githubexploit
GithubExploit	Exploit for Vulnerability in Oracle Graalvm	21 Apr 202216:26	–	githubexploit
GithubExploit	Exploit for CVE-2022-21449	20 Apr 202210:23	–	githubexploit
GithubExploit	Exploit for CVE-2022-21449	24 Apr 202210:59	–	githubexploit
GithubExploit	Exploit for CVE-2022-21449	20 Apr 202220:31	–	githubexploit
GithubExploit	Exploit for Vulnerability in Oracle Graalvm	5 Jul 202219:51	–	githubexploit

Vulners

Node

-openjdk15\Matchedge15.0.3_p3-r0

-openjdk15\Matchedge15.0.2_p7-r1

-openjdk15\Matchedge15.0.6_p5-r0

-openjdk15\Matchedge15.0.4_p5-r0

-openjdk15\Matchedge15.0.2_p7-r0

-openjdk15\Matchedge15.0.5_p3-r0

-openjdk17\Matchedge17.0.1_p12-r0

-openjdk17\Matchedge17.0.0_p35-r1

-openjdk17\Matchedge17.0.2_p8-r0

-openjdk17\Matchedge17.0.2_p8-r1

-openjdk15\Match3.1515.0.5_p3-r0

-java-17-openjdkMatch17.0.0.0.35_5.el8

-java-17-openjdkMatch17.0.1.0.12_2.el8_5

-java-17-openjdkMatch17.0.0.0.33_0.5.ea.el8

-java-17-openjdkMatch17.0.0.0.26_0.2.ea.el8

-java-17-openjdkMatch17.0.0.0.35_4.el8

-java-17-openjdkMatch17.0.2.0.8_15.el8

-java-17-openjdkMatch17.0.0.0.35_3.el8

-openjdk15\Matchedge15.0.3_p3-r0

-openjdk15\Matchedge15.0.2_p7-r1

-openjdk15\Matchedge15.0.6_p5-r0

-openjdk15\Matchedge15.0.4_p5-r0

-openjdk15\Matchedge15.0.2_p7-r0

-openjdk15\Matchedge15.0.5_p3-r0

-openjdk17\Matchedge17.0.1_p12-r0

-openjdk17\Matchedge17.0.0_p35-r1

-openjdk17\Matchedge17.0.2_p8-r0

-openjdk17\Matchedge17.0.2_p8-r1

-openjdk15\Match3.1515.0.5_p3-r0

-java-17-openjdkMatch17.0.0.0.35_5.el8

-java-17-openjdkMatch17.0.3.0.5_0.1.ea.el8

-java-17-openjdkMatch17.0.1.0.12_2.el8_5

-java-17-openjdkMatch17.0.0.0.33_0.5.ea.el8

-java-17-openjdkMatch17.0.0.0.26_0.2.ea.el8

-java-17-openjdkMatch17.0.0.0.35_4.el8

-java-17-openjdkMatch17.0.2.0.8_15.el8

-java-17-openjdkMatch17.0.0.0.35_3.el8

connect2id nimbus_jose\+jwtRange≤9.21.1

Source	Link
bitbucket	www.bitbucket.org/connect2id/nimbus-jose-jwt/commits/651580526d8e815420e06abe31c0b4976c4afec9
bugs	www.bugs.openjdk.java.net/browse/JDK-8235710
docs	www.docs.oracle.com/en/graalvm/enterprise/20/docs/overview/release-notes
connect2id	www.connect2id.com/blog/cve-2022-21449
bugs	www.bugs.openjdk.java.net/browse/JDK-8285389
debian	www.debian.org/security/2022/dsa-5128
debian	www.debian.org/security/2022/dsa-5131
backstage	www.backstage.forgerock.com/knowledge/kb/article/a90257583
security	www.security.netapp.com/advisory/ntap-20220429-0006/
oracle	www.oracle.com/security-alerts/cpuapr2022.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Apr 2022 22:35Current

3.1Low risk

Vulners AI Score3.1

EPSS0.00071