It was discovered that the lack of proper validation of user-supplied data in HTML rendering in JavaFX can result in a write past the end of an allocated data structure. This issue can potentially lead to code execution in the current process context. References: https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA
This is not an OpenJDK issue, but rather JavaFX / OpenJFX, which is not currently shipped as part of any Red Hat product.
The details of the flaw as noted in comment 0 are not available in the Oracle CPU, but rather seem to come from this ZDI advisory: https://www.zerodayinitiative.com/advisories/ZDI-20-897/