Hi, just looking for some extra clarification.

I think it'd be good to add a list of Minecraft versions affected. It's kind of unclear what versions are affected, with the "1.7.x - present" followed by "we haven't found any in 1.20,"because wouldn't that be present?. Are newer mods/packs like 1.18.x, 1.19.x versions affected? What about 1.16.x?

Additionally, is it Java itself that is affected? If so, which versions of Java are impacted?

The thing is, we do not know. We know what we found, which is that most exploits are present in 1.7 and 1.12 and we know that the earliest affected mod we could find so far was for Version 1.4.7 but that doesn't mean that all other versions are save. Maybe one exploitable mod is just in the process to be written and will be released tomorrow. The best we can hope for is that we find the exploit faster than the people who want to abuse it.

Additionally, is it Java itself that is affected? If so, which versions of Java are impacted?

No, Java itself and Vanilla Minecraft are fine, it's just a bunch of mods that are affected.