Download
| Alert*
CVE-2017-10295 -- openjdk-6-jdk, openjdk-9-jdk
It was discovered that the HTTPUrlConnection classes in OpenJDK did not properly handle newlines. An attacker could use this to convince a Java application or applet to inject headers into http requests.
|