This may allow a remote attacker to cause a signature in an incorrect format to be accepted. The issue is triggered when handling signatures from DER input. Description The version of Oracle Java SE installed on the remote host is prior to 6 Update 141, 7 Update 131, or 8 Update 121 and is affected by multiple vulnerabilities : - A flaw exists in the 'ECDSASignature' class of the Libraries subcomponent. Synopsis The remote host is missing a critical Oracle Java SE patch update. Severity display preferences can be toggled in the settings dropdown. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. The calculated severity for Plugins has been updated to use CVSS v3 by default.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |