Количество 70
Количество 70
CVE-2022-34169
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
CVE-2022-34169
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
CVE-2022-34169
Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets
CVE-2022-34169
The Apache Xalan Java XSLT library is vulnerable to an integer truncat ...
GHSA-975q-8v3h-8j23
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service wh...
BDU:2022-05104
Уязвимость компонента Hotspot программных платформ Java SE, виртуальной машины Oracle GraalVM Enterprise Edition, позволяющая нарушителю получить доступ на чтение данных
SUSE-RU-2024:3971-1
Recommended update for mojo-parent
GHSA-9339-86wc-4qgf
Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets
BDU:2022-04788
Уязвимость библиотеки Apache Xalan Java XSLT, связанная с ошибкой приведения целочисленного значения, позволяющая нарушителю выполнить произвольный код
ROS-20240529-05
Множественные уязвимости java-17-openjdk
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. | CVSS3: 7.5 | 9% Низкий | больше 3 лет назад |
 | CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. | CVSS3: 7.5 | 9% Низкий | больше 3 лет назад |
 | CVE-2022-34169 Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets | CVSS3: 7.5 | 9% Низкий | около 2 месяцев назад |
| CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncat ... | CVSS3: 7.5 | 9% Низкий | больше 3 лет назад |
| GHSA-975q-8v3h-8j23 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service wh... | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
 | BDU:2022-05104 Уязвимость компонента Hotspot программных платформ Java SE, виртуальной машины Oracle GraalVM Enterprise Edition, позволяющая нарушителю получить доступ на чтение данных | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
 | SUSE-RU-2024:3971-1 Recommended update for mojo-parent | 9% Низкий | 12 месяцев назад | |
| GHSA-9339-86wc-4qgf Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets | CVSS3: 7.5 | 9% Низкий | больше 3 лет назад |
| BDU:2022-04788 Уязвимость библиотеки Apache Xalan Java XSLT, связанная с ошибкой приведения целочисленного значения, позволяющая нарушителю выполнить произвольный код | CVSS3: 7.5 | 9% Низкий | больше 3 лет назад |
 | ROS-20240529-05 Множественные уязвимости java-17-openjdk | CVSS3: 9.8 | больше 1 года назад |
Уязвимостей на страницу