What caused Psychic Signatures Vulnerability (CVE-2022–21449)?

Photo by Markus Spiske on Unsplash

Introduction

Before we begin with this blog post, I’ll ask you one question. Is 0 equal to 0? You might judge me for asking this simple question but this is the basis of this vulnerability.

CVE-2022–21449, also being referred to as Psychic Signatures by many, is a vulnerability in Java’s implementation of the ECDSA (Elastic…