Описание
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
A flaw was found in the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This issue causes the XercesJ XML parser to wait in an infinite loop, which may consume system resources for a prolonged duration, leading to a denial of service condition.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | xerces-j2 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | xerces-j2 | Out of support scope | ||
| Red Hat Enterprise Linux 8 | pki-deps:10.6/xerces-j2 | Will not fix | ||
| Red Hat Enterprise Linux 9 | xerces-j2 | Will not fix | ||
| Red Hat JBoss Enterprise Application Platform 6 | xerces-j2-eap6 | Out of support scope | ||
| Red Hat JBoss Web Server 3 | xerces-j2 | Not affected | ||
| Red Hat Software Collections | rh-maven36-xerces-j2 | Will not fix | ||
| Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update | xerces-j2 | Fixed | RHSA-2022:4922 | 06.06.2022 |
| Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 | eap7-xerces-j2 | Fixed | RHSA-2022:4919 | 06.06.2022 |
| Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 | eap7-xerces-j2 | Fixed | RHSA-2022:4918 | 06.06.2022 |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
There's a vulnerability within the Apache Xerces Java (XercesJ) XML pa ...
6.5 Medium
CVSS3