USN-5898-1: OpenJDK vulnerabilities

USN-5898-1: OpenJDK vulnerabilities

It was discovered that the Serialization component of OpenJDK did not
properly handle the deserialization of some CORBA objects. An attacker
could possibly use this to bypass Java sandbox restrictions.
(CVE-2023-21830)

Markus Loewe discovered that the Java Sound subsystem in OpenJDK did not
properly validate the origin of a Soundbank. An attacker could use this to
specially craft an untrusted Java application or applet that could load a
Soundbank from an attacker controlled remote URL. (CVE-2023-21843)
Source: USN-5898-1: OpenJDK vulnerabilities

About KENNETH 19694 Articles
지락문화예술공작단

Be the first to comment

Leave a Reply

Your email address will not be published.


*


이 사이트는 Akismet을 사용하여 스팸을 줄입니다. 댓글 데이터가 어떻게 처리되는지 알아보세요.