I'm trying to determine if OpenJDK is impacted by CVE-2022-37434.
I checked OpenJDK source code and it looks like it's using only following methods from zlib:
Method that contains vulnerabilities in zlib is inflateGetHeader, so it looks like that OpenJDK is not affected by this. Can somebody confirm if my reasoning is correct?
Your reasoning is correct.....