<img height="1" width="1" src="https://www.facebook.com/tr?id=2348737235262475&amp;ev=PageView &amp;noscript=1">
SkySpark • 4 min leestijd

Security Announcement Regarding CVE-2022-21449

Miguel Mauser 26 april 2022

If you are running Java 15+, we recommend testing and deploying the latest patches from your JDK provider as soon as possible. There is a vulnerability in Java 15+ that could impact SkySpark.

Oracle's recent April 2022 Oracle Critical Patch Update Advisory includes a fix for vulnerability CVE-2022-21449 that affected Java 15+. The company that discovered and reported the vulnerability published an article with additional explanation. It appears that the major OpenJDK providers have rolled out the fix as well, so if you are running Java 15+ we encourage you to check the release notes of your preferred Java distribution and confirm CVE-2022-21449 is mentioned in the list of fixes.

This is also a good opportunity to remind the community that it is always recommended to run the latest Java updates as outlined in our IT Operations and Maintenance App Note. Oracle publishes a schedule for patch updates which you can find more about on the Oracle Security Alerts page.

Picture of Miguel Mauser

Miguel Mauser

Commercieel manager Miguel Mauser heeft zijn sporen verdiend in de snel veranderende wereld van water- en gebouwmanagement en Smart Industry. Zo combineerde hij tijdens zijn lange carrière sales succesvol met automatisering en infra. En deed dat bij gerenommeerde, internationale bedrijven. Dat maakt dat hij niet alleen kennis heeft van systemen, maar ook van processen en hoe deze succesvol in organisaties te integreren.