EPSS
Percentile
92.4%
It was found that executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox.
bugzilla.redhat.com/show_bug.cgi?id=1725928
nvd.nist.gov/vuln/detail/CVE-2019-10181
www.cve.org/CVERecord?id=CVE-2019-10181