Oracle Critical Patch Update Advisory – April 2022 – CVE-2022-21449
NAME
Oracle – Multiple
- Platforms Affected: Multiple
- Risk Level: medium
- CVE Type: Unspecified
DESCRIPTION
CVE-2022-21449 is an unspecified vulnerability impacting multiple versions of Oracle Java SE and Oracle GraalVM Enterprise Edition. A proof of concept (PoC) was observed in open source and a link to a PoC was shared in the underground.
CVSS Information:
- CVSS 2.0 SCORE:
- CVSS 3.0 SCORE: 7.8
- Exploit Disclosed in the Public: true
- Exploit Weaponised:
- PoC Link: hXXps://github[.]com/khalednassar/CVE-2022-21449-TLS-PoC
MITIGATION
Oracle addressed the vulnerability with updated versions, as described in its Critical Patch Update advisory.
- Reference Link: https://www.oracle.com/security-alerts/cpuapr2022.html
- Patch Available: available