CVE-2022-21449

"Psychic Signatures" vulnerability in the Oracle Java SE, Oracle GraalVM

https://nvd.nist.gov/vuln/detail/CVE-2022-21449

Description

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).

Oracle link:

https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA

Impact to Keeper

Keeper Security is not impacted by this vulnerability. Keeper does not use Java runtimes that are affected, as reported by Oracle. Keeper also does not use the ECDSA implementation in the built-in Java library. Keeper uses BouncyCastle for ECDSA implementation, which is not impacted.

If you have any questions, please email us at security@keepersecurity.com.

Last updated