0.004 Low
EPSS
Percentile
74.3%
The java-1.8.0-openjdk packages is vulnerable to unauthorised modification. The vulnerability exists because it accepts ECSDA signatures using non-canonical DER encoding, leading to accept incorrect format not accepted by other cryptographic tools.
access.redhat.com/errata/RHSA-2017:0180
access.redhat.com/security/updates/classification/#critical
bugzilla.redhat.com/show_bug.cgi?id=1369383