Oracle already wins ‘crypto bug of the year’ with Java digital signature bypassLiam Provenon April 20, 2022 at 20:11 The Register


Whole new meaning for zero consequences

Java versions 15 to 18 contain a flaw in its ECDSA signature validation that makes it trivial for miscreants to digitally sign files and other data as if they were legit organizations.…

Leave a Comment