On 19/08/2020 22:46, Alkanor Oumbratok wrote: > > I may be wrong on both points, and I would be really grateful if > someone could explain why these 2 CVE have been rated this high > whereas at first glance there isn't any really exploitable related > scenario.
The first rule of the OpenJDK Vulerability Group is: You do not talk about the OpenJDK Vulerability Group. :-) In particular, we do not reveal exploits. Sorry. -- Andrew Haley (he/him) Java Platform Lead Engineer Red Hat UK Ltd. <https://www.redhat.com> https://keybase.io/andrewhaley EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671
