rpm package
suse/xerces-j2&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
pkg:rpm/suse/xerces-j2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-34169 | — | < 2.12.2-150200.3.10.2 | 2.12.2-150200.3.10.2 | Jul 19, 2022 | The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t | ||
| CVE-2022-23437 | — | < 2.12.0-3.3.1 | 2.12.0-3.3.1 | Jan 24, 2022 | There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerabili |
- CVE-2022-34169Jul 19, 2022affected < 2.12.2-150200.3.10.2fixed 2.12.2-150200.3.10.2
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t
- CVE-2022-23437Jan 24, 2022affected < 2.12.0-3.3.1fixed 2.12.0-3.3.1
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerabili