0.003 Low
EPSS
Percentile
69.2%
It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.
bugzilla.redhat.com/show_bug.cgi?id=1535036