Oracle's recent April 2022 Oracle Critical Patch Update Advisory includes a fix for vulnerability CVE-2022-21449 that affected Java 15+. The company that discovered and reported the vulnerability published an article with additional explanation. It appears that the major OpenJDK providers have rolled out the fix as well, so if you are running Java 15+ we encourage you to check the release notes of your preferred Java distribution and confirm CVE-2022-21449 is mentioned in the list of fixes.
This is also a good opportunity to remind the community that it is always recommended to run the latest Java updates as outlined in our IT Operations and Maintenance App Note. Oracle publishes a schedule for patch updates which you can find more about on the Oracle Security Alerts page.