"Psychic Signatures" vulnerability in the Oracle Java SE, Oracle GraalVM
https://nvd.nist.gov/vuln/detail/CVE-2022-21449
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
Oracle link:
https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA
Keeper Security is not impacted by this vulnerability. Keeper does not use Java runtimes that are affected, as reported by Oracle. Keeper also does not use the ECDSA implementation in the built-in Java library. Keeper uses BouncyCastle for ECDSA implementation, which is not impacted.
If you have any questions, please email us at security@keepersecurity.com.