Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2022-34169
StatePUBLISHED
Assignerapache
Source PriorityCVE Program / NVD first with legacy fallback
Published2022-07-19 18:15:11 UTC
Updated2026-05-27 14:16:39 UTC
DescriptionThe Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.

Risk And Classification

Primary CVSS: v3.1 7.5 HIGH from [email protected]

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS: 0.109530000 probability, percentile 0.935400000 (date 2026-05-31)

Problem Types: CWE-681 | integer truncation | CWE-681 CWE-681 Incorrect Conversion between Numeric Types

VersionSourceTypeScoreSeverityVector
3.1[email protected]Primary7.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3.1ADPDECLARED7.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3.1134c704f-9b21-4f2e-91b3-4a467353bcc0Secondary7.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v3.1 Breakdown

Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Apache Xalan-java All All All All
Application Azul Zulu 11.56 All All All
Application Azul Zulu 13.48 All All All
Application Azul Zulu 15.40 All All All
Application Azul Zulu 17.34 All All All
Application Azul Zulu 18.30 All All All
Application Azul Zulu 6.47 All All All
Application Azul Zulu 7.54 All All All
Application Azul Zulu 8.62 All All All
Operating System Debian Debian Linux 10.0 All All All
Operating System Debian Debian Linux 11.0 All All All
Operating System Fedoraproject Fedora 35 All All All
Operating System Fedoraproject Fedora 36 All All All
Application Netapp 7-mode Transition Tool - All All All
Application Netapp Active Iq Unified Manager - All All All
Application Netapp Active Iq Unified Manager - All All All
Application Netapp Cloud Insights Acquisition Unit - All All All
Application Netapp Cloud Secure Agent - All All All
Hardware Netapp Hci Compute Node - All All All
Application Netapp Hci Management Node - All All All
Application Netapp Oncommand Insight - All All All
Application Netapp Solidfire - All All All
Application Oracle Graalvm 20.3.6 All All All
Application Oracle Graalvm 21.3.2 All All All
Application Oracle Graalvm 22.1.0 All All All
Application Oracle Jdk 1.7.0 update343 All All
Application Oracle Jdk 1.8.0 update333 All All
Application Oracle Jdk 11.0.15.1 All All All
Application Oracle Jdk 17.0.3.1 All All All
Application Oracle Jdk 18.0.1.1 All All All
Application Oracle Jre 1.7.0 update343 All All
Application Oracle Jre 1.8.0 update333 All All
Application Oracle Jre 11.0.15.1 All All All
Application Oracle Jre 17.0.3.1 All All All
Application Oracle Jre 18.0.1.1 All All All
Application Oracle Openjdk 18 All All All
Application Oracle Openjdk 7 - All All
Application Oracle Openjdk 7 update1 All All
Application Oracle Openjdk 7 update10 All All
Application Oracle Openjdk 7 update101 All All
Application Oracle Openjdk 7 update11 All All
Application Oracle Openjdk 7 update111 All All
Application Oracle Openjdk 7 update121 All All
Application Oracle Openjdk 7 update13 All All
Application Oracle Openjdk 7 update131 All All
Application Oracle Openjdk 7 update141 All All
Application Oracle Openjdk 7 update15 All All
Application Oracle Openjdk 7 update151 All All
Application Oracle Openjdk 7 update161 All All
Application Oracle Openjdk 7 update17 All All
Application Oracle Openjdk 7 update171 All All
Application Oracle Openjdk 7 update181 All All
Application Oracle Openjdk 7 update191 All All
Application Oracle Openjdk 7 update2 All All
Application Oracle Openjdk 7 update201 All All
Application Oracle Openjdk 7 update21 All All
Application Oracle Openjdk 7 update211 All All
Application Oracle Openjdk 7 update221 All All
Application Oracle Openjdk 7 update231 All All
Application Oracle Openjdk 7 update241 All All
Application Oracle Openjdk 7 update25 All All
Application Oracle Openjdk 7 update251 All All
Application Oracle Openjdk 7 update261 All All
Application Oracle Openjdk 7 update271 All All
Application Oracle Openjdk 7 update281 All All
Application Oracle Openjdk 7 update291 All All
Application Oracle Openjdk 7 update3 All All
Application Oracle Openjdk 7 update301 All All
Application Oracle Openjdk 7 update311 All All
Application Oracle Openjdk 7 update321 All All
Application Oracle Openjdk 7 update4 All All
Application Oracle Openjdk 7 update40 All All
Application Oracle Openjdk 7 update45 All All
Application Oracle Openjdk 7 update5 All All
Application Oracle Openjdk 7 update51 All All
Application Oracle Openjdk 7 update55 All All
Application Oracle Openjdk 7 update6 All All
Application Oracle Openjdk 7 update60 All All
Application Oracle Openjdk 7 update65 All All
Application Oracle Openjdk 7 update67 All All
Application Oracle Openjdk 7 update7 All All
Application Oracle Openjdk 7 update72 All All
Application Oracle Openjdk 7 update76 All All
Application Oracle Openjdk 7 update80 All All
Application Oracle Openjdk 7 update85 All All
Application Oracle Openjdk 7 update9 All All
Application Oracle Openjdk 7 update91 All All
Application Oracle Openjdk 7 update95 All All
Application Oracle Openjdk 7 update97 All All
Application Oracle Openjdk 7 update99 All All
Application Oracle Openjdk 8 - All All
Application Oracle Openjdk 8 milestone1 All All
Application Oracle Openjdk 8 milestone2 All All
Application Oracle Openjdk 8 milestone3 All All
Application Oracle Openjdk 8 milestone4 All All
Application Oracle Openjdk 8 milestone5 All All
Application Oracle Openjdk 8 milestone6 All All
Application Oracle Openjdk 8 milestone7 All All
Application Oracle Openjdk 8 milestone8 All All
Application Oracle Openjdk 8 milestone9 All All
Application Oracle Openjdk 8 update101 All All
Application Oracle Openjdk 8 update102 All All
Application Oracle Openjdk 8 update11 All All
Application Oracle Openjdk 8 update111 All All
Application Oracle Openjdk 8 update112 All All
Application Oracle Openjdk 8 update121 All All
Application Oracle Openjdk 8 update131 All All
Application Oracle Openjdk 8 update141 All All
Application Oracle Openjdk 8 update151 All All
Application Oracle Openjdk 8 update152 All All
Application Oracle Openjdk 8 update161 All All
Application Oracle Openjdk 8 update162 All All
Application Oracle Openjdk 8 update171 All All
Application Oracle Openjdk 8 update172 All All
Application Oracle Openjdk 8 update181 All All
Application Oracle Openjdk 8 update191 All All
Application Oracle Openjdk 8 update192 All All
Application Oracle Openjdk 8 update20 All All
Application Oracle Openjdk 8 update201 All All
Application Oracle Openjdk 8 update202 All All
Application Oracle Openjdk 8 update211 All All
Application Oracle Openjdk 8 update212 All All
Application Oracle Openjdk 8 update221 All All
Application Oracle Openjdk 8 update222 All All
Application Oracle Openjdk 8 update231 All All
Application Oracle Openjdk 8 update232 All All
Application Oracle Openjdk 8 update241 All All
Application Oracle Openjdk 8 update242 All All
Application Oracle Openjdk 8 update25 All All
Application Oracle Openjdk 8 update252 All All
Application Oracle Openjdk 8 update262 All All
Application Oracle Openjdk 8 update271 All All
Application Oracle Openjdk 8 update281 All All
Application Oracle Openjdk 8 update282 All All
Application Oracle Openjdk 8 update291 All All
Application Oracle Openjdk 8 update301 All All
Application Oracle Openjdk 8 update302 All All
Application Oracle Openjdk 8 update31 All All
Application Oracle Openjdk 8 update312 All All
Application Oracle Openjdk 8 update322 All All
Application Oracle Openjdk 8 update332 All All
Application Oracle Openjdk 8 update40 All All
Application Oracle Openjdk 8 update45 All All
Application Oracle Openjdk 8 update5 All All
Application Oracle Openjdk 8 update51 All All
Application Oracle Openjdk 8 update60 All All
Application Oracle Openjdk 8 update65 All All
Application Oracle Openjdk 8 update66 All All
Application Oracle Openjdk 8 update71 All All
Application Oracle Openjdk 8 update72 All All
Application Oracle Openjdk 8 update73 All All
Application Oracle Openjdk 8 update74 All All
Application Oracle Openjdk 8 update77 All All
Application Oracle Openjdk 8 update91 All All
Application Oracle Openjdk 8 update92 All All
Application Oracle Openjdk All All All All
Application Oracle Openjdk All All All All
Application Oracle Openjdk All All All All
Application Oracle Openjdk All All All All

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Apache Software Foundation Apache Xalan-J affected Xalan-J 2.7.2 custom Not specified

References

ReferenceSourceLinkTags
oss-security - Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets af854a3a-2127-422b-91ae-364da2661108 www.openwall.com Mailing List, Patch, Third Party Advisory
Debian -- Security Information -- DSA-5256-1 bcel af854a3a-2127-422b-91ae-364da2661108 www.debian.org Third Party Advisory
[SECURITY] Fedora 36 Update: java-latest-openjdk-18.0.2.0.9-1.rolling.fc36 - package-announce - Fedora Mailing-Lists af854a3a-2127-422b-91ae-364da2661108 lists.fedoraproject.org
Debian -- Security Information -- DSA-5192-1 openjdk-17 af854a3a-2127-422b-91ae-364da2661108 www.debian.org Third Party Advisory
Xalan-J XSLTC Integer Truncation ≈ Packet Storm af854a3a-2127-422b-91ae-364da2661108 packetstormsecurity.com Third Party Advisory, VDB Entry
[SECURITY] Fedora 35 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc35 - package-announce - Fedora Mailing-Lists af854a3a-2127-422b-91ae-364da2661108 lists.fedoraproject.org
lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw af854a3a-2127-422b-91ae-364da2661108 lists.apache.org Issue Tracking, Mailing List, Vendor Advisory
[SECURITY] Fedora 35 Update: java-11-openjdk-11.0.16.0.8-1.fc35 - package-announce - Fedora Mailing-Lists af854a3a-2127-422b-91ae-364da2661108 lists.fedoraproject.org
Oracle Critical Patch Update Advisory - July 2022 af854a3a-2127-422b-91ae-364da2661108 www.oracle.com Patch, Third Party Advisory
security.netapp.com/advisory/ntap-20240621-0006 af854a3a-2127-422b-91ae-364da2661108 security.netapp.com
[SECURITY] Fedora 36 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc36 - package-announce - Fedora Mailing-Lists af854a3a-2127-422b-91ae-364da2661108 lists.fedoraproject.org
OpenJDK: Multiple Vulnerabilities (GLSA 202401-25) — Gentoo security af854a3a-2127-422b-91ae-364da2661108 security.gentoo.org
oss-security - Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets af854a3a-2127-422b-91ae-364da2661108 www.openwall.com Mailing List, Patch, Third Party Advisory
[SECURITY] Fedora 36 Update: java-11-openjdk-11.0.16.0.8-1.fc36 - package-announce - Fedora Mailing-Lists af854a3a-2127-422b-91ae-364da2661108 lists.fedoraproject.org
[SECURITY] [DLA 3155-1] bcel security update af854a3a-2127-422b-91ae-364da2661108 lists.debian.org Mailing List, Third Party Advisory
oss-security - Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets af854a3a-2127-422b-91ae-364da2661108 www.openwall.com Mailing List, Third Party Advisory
Debian -- Security Information -- DSA-5188-1 openjdk-11 af854a3a-2127-422b-91ae-364da2661108 www.debian.org Third Party Advisory
[SECURITY] Fedora 35 Update: java-latest-openjdk-18.0.2.0.9-1.rolling.fc35 - package-announce - Fedora Mailing-Lists af854a3a-2127-422b-91ae-364da2661108 lists.fedoraproject.org
oss-security - CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets af854a3a-2127-422b-91ae-364da2661108 www.openwall.com Mailing List, Third Party Advisory
oss-security - Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing af854a3a-2127-422b-91ae-364da2661108 www.openwall.com Mailing List, Third Party Advisory
lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8 af854a3a-2127-422b-91ae-364da2661108 lists.apache.org Issue Tracking, Mailing List, Vendor Advisory
oss-security - Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing af854a3a-2127-422b-91ae-364da2661108 www.openwall.com Mailing List, Third Party Advisory
oss-security - Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets af854a3a-2127-422b-91ae-364da2661108 www.openwall.com Mailing List, Third Party Advisory
July 2022 Java Platform Standard Edition Vulnerabilities in NetApp Products | NetApp Product Security af854a3a-2127-422b-91ae-364da2661108 security.netapp.com Third Party Advisory
[SECURITY] Fedora 36 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc36 - package-announce - Fedora Mailing-Lists MITRE lists.fedoraproject.org
[SECURITY] Fedora 35 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc35 - package-announce - Fedora Mailing-Lists MITRE lists.fedoraproject.org
[SECURITY] Fedora 36 Update: java-11-openjdk-11.0.16.0.8-1.fc36 - package-announce - Fedora Mailing-Lists MITRE lists.fedoraproject.org
[SECURITY] Fedora 35 Update: java-latest-openjdk-18.0.2.0.9-1.rolling.fc35 - package-announce - Fedora Mailing-Lists MITRE lists.fedoraproject.org
[SECURITY] Fedora 35 Update: java-11-openjdk-11.0.16.0.8-1.fc35 - package-announce - Fedora Mailing-Lists MITRE lists.fedoraproject.org
[SECURITY] Fedora 36 Update: java-latest-openjdk-18.0.2.0.9-1.rolling.fc36 - package-announce - Fedora Mailing-Lists MITRE lists.fedoraproject.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Vendor Comments And Credit

Discovery Credit

CNA: Reported by Felix Wilhelm, Google Project Zero (en)

Legacy QID Mappings

  • 159992 Oracle Enterprise Linux Security Update for java-11-openjdk (ELSA-2022-5683)
  • 159993 Oracle Enterprise Linux Security Update for java-11-openjdk (ELSA-2022-5687)
  • 159994 Oracle Enterprise Linux Security Update for java-11-openjdk (ELSA-2022-5695)
  • 159995 Oracle Enterprise Linux Security Update for java-1.8.0-openjdk (ELSA-2022-5698)
  • 159996 Oracle Enterprise Linux Security Update for java-1.8.0-openjdk (ELSA-2022-5696)
  • 159997 Oracle Enterprise Linux Security Update for java-1.8.0-openjdk (ELSA-2022-5709)
  • 159999 Oracle Enterprise Linux Security Update for java-17-openjdk (ELSA-2022-5726)
  • 160000 Oracle Enterprise Linux Security Update for java-17-openjdk (ELSA-2022-5736)
  • 180895 Debian Security Update for openjdk-11 (DSA 5188-1)
  • 180901 Debian Security Update for openjdk-17 (DSA 5192-1)
  • 181143 Debian Security Update for bcel (DLA 3155-1)
  • 181144 Debian Security Update for bcel (DSA 5256-1)
  • 183146 Debian Security Update for bcelopenjdk-17 (CVE-2022-34169)
  • 198886 Ubuntu Security Notification for Open Java Development Toolkit (OpenJDK) Vulnerabilities (USN-5546-1)
  • 20262 Oracle Database 21c Critical Patch Update - July 2022
  • 20263 Oracle Database 19c Critical Patch Update - July 2022
  • 20264 Oracle Database 12.1.0.2 Critical Patch Update - July 2022
  • 20265 Oracle Database 12.1.0.2 Critical Patch Update - July 2022 (Unauthenticated)
  • 20270 Oracle Database 21c Critical Patch Update - October 2022
  • 240546 Red Hat Update for java-11-openjdk security (RHSA-2022:5683)
  • 240547 Red Hat Update for java-11-openjdk security (RHSA-2022:5687)
  • 240548 Red Hat Update for java-11-openjdk (RHSA-2022:5684)
  • 240549 Red Hat Update for java-11-openjdk (RHSA-2022:5681)
  • 240553 Red Hat Update for java-1.8.0-openjdk (RHSA-2022:5700)
  • 240554 Red Hat Update for java-11-openjdk security (RHSA-2022:5695)
  • 240555 Red Hat Update for java-1.8.0-openjdk security (RHSA-2022:5696)
  • 240556 Red Hat Update for java-1.8.0-openjdk (RHSA-2022:5697)
  • 240557 Red Hat Update for java-1.8.0-openjdk security (RHSA-2022:5698)
  • 240558 Red Hat Update for java-1.8.0-openjdk security (RHSA-2022:5709)
  • 240560 Red Hat Update for java-17-openjdk security (RHSA-2022:5726)
  • 240564 Red Hat Update for java-17-openjdk security (RHSA-2022:5736)
  • 257174 CentOS Security Update for java-1.8.0-openjdk Security Update (CESA-2022:5698)
  • 257176 CentOS Security Update for java-11-openjdk (CESA-2022:5687)
  • 282975 Fedora Security Update for java (FEDORA-2022-34584d4257)
  • 283005 Fedora Security Update for java (FEDORA-2022-80afe2304a)
  • 283006 Fedora Security Update for java (FEDORA-2022-19b6f21746)
  • 283007 Fedora Security Update for java (FEDORA-2022-d26586b419)
  • 283008 Fedora Security Update for java (FEDORA-2022-ae563934f7)
  • 283009 Fedora Security Update for java (FEDORA-2022-64431bccec)
  • 283010 Fedora Security Update for java (FEDORA-2022-b76ab52e73)
  • 283011 Fedora Security Update for java (FEDORA-2022-e573851f56)
  • 296082 Oracle Solaris 11.4 Support Repository Update (SRU) 48.126.1 Missing (CPUJUL2022)
  • 353996 Amazon Linux Security Advisory for java-17-amazon-corretto : ALAS2-2022-1824
  • 354004 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2-2022-1823
  • 354019 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2CORRETTO8-2022-003
  • 354021 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2-2022-1822
  • 354045 Amazon Linux Security Advisory for java-1.8.0-openjdk : ALAS-2022-1631
  • 354052 Amazon Linux Security Advisory for java-1.7.0-openjdk : ALAS-2022-1633
  • 354054 Amazon Linux Security Advisory for java-1.7.0-openjdk : ALAS2-2022-1835
  • 354057 Amazon Linux Security Advisory for java-1.8.0-openjdk : ALAS2-2022-1836
  • 354059 Amazon Linux Security Advisory for java-11-openjdk : ALAS2JAVA-OPENJDK11-2022-002
  • 354294 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2022-2022-153
  • 354303 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2022-2022-111
  • 354334 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2022-2022-120
  • 354375 Amazon Linux Security Advisory for java-17-amazon-corretto : ALAS2022-2022-113
  • 354396 Amazon Linux Security Advisory for java-17-amazon-corretto : ALAS2022-2022-151
  • 354400 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2022-2022-112
  • 354455 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2022-2022-119
  • 354472 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2022-2022-152
  • 354523 Amazon Linux Security Advisory for java-17-amazon-corretto : ALAS2022-2022-121
  • 376733 Oracle Java Standard Edition (SE) Critical Patch Update - July 2022 (CPUJUL2022)
  • 376756 Amazon Corretto Critical Patch Update (JUL2022)
  • 376761 Azul Java Multiple Vulnerabilities Security Update July 2022
  • 376896 Alibaba Cloud Linux Security Update for java-17-openjdk (ALINUX3-SA-2022:0145)
  • 376920 Alibaba Cloud Linux Security Update for java-11-openjdk (ALINUX3-SA-2022:0141)
  • 377051 Alibaba Cloud Linux Security Update for java-11-openjdk (ALINUX2-SA-2022:0033)
  • 377164 Alibaba Cloud Linux Security Update for java-1.8.0-openjdk (ALINUX3-SA-2022:0143)
  • 377216 Alibaba Cloud Linux Security Update for java-1.8.0-openjdk (ALINUX2-SA-2022:0034)
  • 378378 Red Hat OpenJDK 8u342 Windows Builds release and Security Update (RHSA-2022:5753)
  • 378379 Red Hat OpenJDK 11.0.16 Security Update for Windows Builds (RHSA-2022:5756)
  • 378380 Red Hat OpenJDK 17.0.4 Security Update for Windows Builds (RHSA-2022:5757)
  • 378427 Oracle PeopleSoft Enterprise PeopleTools Product Multiple Vulnerabilities (CPUAPR2023)
  • 379452 IBM Cognos Analytics Multiple Vulnerabilities (7123154)
  • 379516 IBM Sterling Secure Proxy Multiple Vulnerabilities (7142038)
  • 502455 Alpine Linux Security Update for openjdk15
  • 502456 Alpine Linux Security Update for openjdk17
  • 502468 Alpine Linux Security Update for openjdk11
  • 502484 Alpine Linux Security Update for openjdk13
  • 502488 Alpine Linux Security Update for openjdk8
  • 502578 Alpine Linux Security Update for openjdk11
  • 503700 Alpine Linux Security Update for openjdk8
  • 672144 EulerOS Security Update for java-1.8.0-openjdk (EulerOS-SA-2022-2440)
  • 672195 EulerOS Security Update for java-1.8.0-openjdk (EulerOS-SA-2022-2465)
  • 672212 EulerOS Security Update for java-1.8.0-openjdk (EulerOS-SA-2022-2617)
  • 672213 EulerOS Security Update for java-1.7.0-openjdk (EulerOS-SA-2022-2616)
  • 710843 Gentoo Linux Open Java Development Toolkit (OpenJDK) Multiple Vulnerabilities (GLSA 202401-25)
  • 731292 Atlassian Jira Software Data Center and Server Remote Code Execution (RCE) Vulnerability (JSWSERVER-25841)
  • 752413 SUSE Enterprise Linux Security Update for java-11-openjdk (SUSE-SU-2022:2610-1)
  • 752418 SUSE Enterprise Linux Security Update for java-17-openjdk (SUSE-SU-2022:2660-1)
  • 752450 SUSE Enterprise Linux Security Update for java-11-openjdk (SUSE-SU-2022:2707-1)
  • 752468 SUSE Enterprise Linux Security Update for java-1_8_0-openjdk (SUSE-SU-2022:2819-1)
  • 752491 SUSE Enterprise Linux Security Update for java-1_8_0-openjdk (SUSE-SU-2022:2856-1)
  • 752507 SUSE Enterprise Linux Security Update for java-1_8_0-ibm (SUSE-SU-2022:2899-1)
  • 752510 SUSE Enterprise Linux Security Update for java-1_7_1-ibm (SUSE-SU-2022:2898-1)
  • 752526 SUSE Enterprise Linux Security Update for java-1_8_0-ibm (SUSE-SU-2022:2949-1)
  • 752556 SUSE Enterprise Linux Security Update for java-1_8_0-ibm (SUSE-SU-2022:3152-1)
  • 752883 SUSE Enterprise Linux Security Update for java-1_8_0-ibm (SUSE-SU-2022:4166-1)
  • 902573 Common Base Linux Mariner (CBL-Mariner) Security Update for openjdk8 (10371)
  • 940599 AlmaLinux Security Update for java-11-openjdk (ALSA-2022:5683)
  • 940601 AlmaLinux Security Update for java-1.8.0-openjdk (ALSA-2022:5696)
  • 940619 AlmaLinux Security Update for java-1.8.0-openjdk (ALSA-2022:5709)
  • 940621 AlmaLinux Security Update for java-17-openjdk (ALSA-2022:5736)
  • 940628 AlmaLinux Security Update for java-11-openjdk (ALSA-2022:5695)
  • 960159 Rocky Linux Security Update for java-17-openjdk (RLSA-2022:5726)
  • 960160 Rocky Linux Security Update for java-1.8.0-openjdk (RLSA-2022:5696)
  • 960161 Rocky Linux Security Update for java-11-openjdk (RLSA-2022:5683)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report