Java Discovers Annual Encryption Vulnerability

Recently, security researcher Khaled Nassar made public on GitHub the PoC code for a newly disclosed digital signature bypass vulnerability in Java, tracked as CVE-2022-21449. The vulnerability is known to have been discovered by Neil Madden, a researcher at security consulting firm ForgeRock, in November of last year, and was notified to Oracle the same day. Although Oracle gave the vulnerability a CVSS rating of 7.5, ForgeRock said they had privately disclosed the vulnerability when it was first discovered and rated the vulnerability a 10 on the CVSS.

Using encryption and decryption in Java

Instructions In project development, in order to ensure the security of data and user privacy, we usually encrypt key information, this article details how to use hutool in java language to quickly encrypt and decrypt data, hope you can help. If your project is built on Maven, you can introduce Hutool through pom to use the encryption and decryption function. <dependency> <groupId>cn.hutool</groupId> <artifactId>hutool-crypto</artifactId> <version>5.7.15</version> </dependency> If your project is not built based on maven, you can also directly download the jar package to use.