openjdk is vulnerable to authorization bypass. Incorrect handling of unexpected CertificateVerify TLS handshake messages allows an unauthenticated attacker to perform unauthorized read, update, insert or delete of data.
lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html
access.redhat.com/errata/RHSA-2020:0122
access.redhat.com/errata/RHSA-2020:0128
access.redhat.com/errata/RHSA-2020:0232
access.redhat.com/security/updates/classification/#important
seclists.org/bugtraq/2020/Jan/24
security.netapp.com/advisory/ntap-20200122-0003/
usn.ubuntu.com/4257-1/
www.debian.org/security/2020/dsa-4605
www.oracle.com/security-alerts/cpujan2020.html