A flaw was found in the way the readObject() method of the MethodType class in the Libraries component of OpenJDK checked argument types. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.

Public now via Oracle CPU April 2020: https://www.oracle.com/security-alerts/cpuapr2020.



Source link

Write a comment:
*

Your email address will not be published.