Oracle Patches Java signature bypass flaw

Oracle has issued patches for a serious flaw in Java versions 15 to 18 which allows malicious actors to trivially forge digital signatures and TLS certificates that Java then accepts as valid. The problem lies in the Elliptic Curve Digital Signature Algorithm (ECDSA) which was re-written for Java 15 and this introduced the flaw which […]

Oracle Patches Java signature bypass flaw Read More »