0.004 Low
EPSS
Percentile
74.3%
It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools.
bugzilla.redhat.com/show_bug.cgi?id=1413911