CVE-2022-34169
Summary
| CVE | CVE-2022-34169 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-07-19 18:15:00 UTC |
| Updated | 2024-01-17 15:15:00 UTC |
| Description | The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. |
Risk And Classification
Problem Types: CWE-681
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Xalan-java | All | All | All | All |
| Application | Azul | Zulu | 11.56 | All | All | All |
| Application | Azul | Zulu | 11.57 | All | All | All |
| Application | Azul | Zulu | 11.58 | All | All | All |
| Application | Azul | Zulu | 13.48 | All | All | All |
| Application | Azul | Zulu | 13.49 | All | All | All |
| Application | Azul | Zulu | 13.50 | All | All | All |
| Application | Azul | Zulu | 15.40 | All | All | All |
| Application | Azul | Zulu | 15.41 | All | All | All |
| Application | Azul | Zulu | 15.42 | All | All | All |
| Application | Azul | Zulu | 17.34 | All | All | All |
| Application | Azul | Zulu | 17.35 | All | All | All |
| Application | Azul | Zulu | 17.36 | All | All | All |
| Application | Azul | Zulu | 18.30 | All | All | All |
| Application | Azul | Zulu | 18.32 | All | All | All |
| Application | Azul | Zulu | 6.47 | All | All | All |
| Application | Azul | Zulu | 6.49 | All | All | All |
| Application | Azul | Zulu | 7.54 | All | All | All |
| Application | Azul | Zulu | 7.55 | All | All | All |
| Application | Azul | Zulu | 7.56 | All | All | All |
| Application | Azul | Zulu | 8.62 | All | All | All |
| Application | Azul | Zulu | 8.63 | All | All | All |
| Application | Azul | Zulu | 8.64 | All | All | All |
| Operating System | Debian | Debian Linux | 10.0 | All | All | All |
| Operating System | Debian | Debian Linux | 11.0 | All | All | All |
| Operating System | Fedoraproject | Fedora | 35 | All | All | All |
| Operating System | Fedoraproject | Fedora | 36 | All | All | All |
| Application | Netapp | 7-mode Transition Tool | - | All | All | All |
| Application | Netapp | Active Iq Unified Manager | - | All | All | All |
| Application | Netapp | Active Iq Unified Manager | - | All | All | All |
| Application | Netapp | Cloud Insights Acquisition Unit | - | All | All | All |
| Application | Netapp | Cloud Secure Agent | - | All | All | All |
| Hardware | Netapp | Hci Compute Node | - | All | All | All |
| Application | Netapp | Hci Management Node | - | All | All | All |
| Application | Netapp | Oncommand Insight | - | All | All | All |
| Application | Netapp | Solidfire | - | All | All | All |
| Application | Oracle | Graalvm | 20.3.6 | All | All | All |
| Application | Oracle | Graalvm | 21.3.2 | All | All | All |
| Application | Oracle | Graalvm | 22.1.0 | All | All | All |
| Application | Oracle | Jdk | 1.7.0 | update343 | All | All |
| Application | Oracle | Jdk | 1.8.0 | update333 | All | All |
| Application | Oracle | Jdk | 11.0.15.1 | All | All | All |
| Application | Oracle | Jdk | 17.0.3.1 | All | All | All |
| Application | Oracle | Jdk | 18.0.1.1 | All | All | All |
| Application | Oracle | Jre | 1.7.0 | update343 | All | All |
| Application | Oracle | Jre | 1.8.0 | update333 | All | All |
| Application | Oracle | Jre | 11.0.15.1 | All | All | All |
| Application | Oracle | Jre | 17.0.3.1 | All | All | All |
| Application | Oracle | Jre | 18.0.1.1 | All | All | All |
| Application | Oracle | Openjdk | 18 | All | All | All |
| Application | Oracle | Openjdk | 7 | - | All | All |
| Application | Oracle | Openjdk | 7 | update1 | All | All |
| Application | Oracle | Openjdk | 7 | update10 | All | All |
| Application | Oracle | Openjdk | 7 | update101 | All | All |
| Application | Oracle | Openjdk | 7 | update11 | All | All |
| Application | Oracle | Openjdk | 7 | update111 | All | All |
| Application | Oracle | Openjdk | 7 | update121 | All | All |
| Application | Oracle | Openjdk | 7 | update13 | All | All |
| Application | Oracle | Openjdk | 7 | update131 | All | All |
| Application | Oracle | Openjdk | 7 | update141 | All | All |
| Application | Oracle | Openjdk | 7 | update15 | All | All |
| Application | Oracle | Openjdk | 7 | update151 | All | All |
| Application | Oracle | Openjdk | 7 | update161 | All | All |
| Application | Oracle | Openjdk | 7 | update17 | All | All |
| Application | Oracle | Openjdk | 7 | update171 | All | All |
| Application | Oracle | Openjdk | 7 | update181 | All | All |
| Application | Oracle | Openjdk | 7 | update191 | All | All |
| Application | Oracle | Openjdk | 7 | update2 | All | All |
| Application | Oracle | Openjdk | 7 | update201 | All | All |
| Application | Oracle | Openjdk | 7 | update21 | All | All |
| Application | Oracle | Openjdk | 7 | update211 | All | All |
| Application | Oracle | Openjdk | 7 | update221 | All | All |
| Application | Oracle | Openjdk | 7 | update231 | All | All |
| Application | Oracle | Openjdk | 7 | update241 | All | All |
| Application | Oracle | Openjdk | 7 | update25 | All | All |
| Application | Oracle | Openjdk | 7 | update251 | All | All |
| Application | Oracle | Openjdk | 7 | update261 | All | All |
| Application | Oracle | Openjdk | 7 | update271 | All | All |
| Application | Oracle | Openjdk | 7 | update281 | All | All |
| Application | Oracle | Openjdk | 7 | update291 | All | All |
| Application | Oracle | Openjdk | 7 | update3 | All | All |
| Application | Oracle | Openjdk | 7 | update301 | All | All |
| Application | Oracle | Openjdk | 7 | update311 | All | All |
| Application | Oracle | Openjdk | 7 | update321 | All | All |
| Application | Oracle | Openjdk | 7 | update4 | All | All |
| Application | Oracle | Openjdk | 7 | update40 | All | All |
| Application | Oracle | Openjdk | 7 | update45 | All | All |
| Application | Oracle | Openjdk | 7 | update5 | All | All |
| Application | Oracle | Openjdk | 7 | update51 | All | All |
| Application | Oracle | Openjdk | 7 | update55 | All | All |
| Application | Oracle | Openjdk | 7 | update6 | All | All |
| Application | Oracle | Openjdk | 7 | update60 | All | All |
| Application | Oracle | Openjdk | 7 | update65 | All | All |
| Application | Oracle | Openjdk | 7 | update67 | All | All |
| Application | Oracle | Openjdk | 7 | update7 | All | All |
| Application | Oracle | Openjdk | 7 | update72 | All | All |
| Application | Oracle | Openjdk | 7 | update76 | All | All |
| Application | Oracle | Openjdk | 7 | update80 | All | All |
| Application | Oracle | Openjdk | 7 | update85 | All | All |
| Application | Oracle | Openjdk | 7 | update9 | All | All |
| Application | Oracle | Openjdk | 7 | update91 | All | All |
| Application | Oracle | Openjdk | 7 | update95 | All | All |
| Application | Oracle | Openjdk | 7 | update97 | All | All |
| Application | Oracle | Openjdk | 7 | update99 | All | All |
| Application | Oracle | Openjdk | 8 | - | All | All |
| Application | Oracle | Openjdk | 8 | milestone1 | All | All |
| Application | Oracle | Openjdk | 8 | milestone2 | All | All |
| Application | Oracle | Openjdk | 8 | milestone3 | All | All |
| Application | Oracle | Openjdk | 8 | milestone4 | All | All |
| Application | Oracle | Openjdk | 8 | milestone5 | All | All |
| Application | Oracle | Openjdk | 8 | milestone6 | All | All |
| Application | Oracle | Openjdk | 8 | milestone7 | All | All |
| Application | Oracle | Openjdk | 8 | milestone8 | All | All |
| Application | Oracle | Openjdk | 8 | milestone9 | All | All |
| Application | Oracle | Openjdk | 8 | update101 | All | All |
| Application | Oracle | Openjdk | 8 | update102 | All | All |
| Application | Oracle | Openjdk | 8 | update11 | All | All |
| Application | Oracle | Openjdk | 8 | update111 | All | All |
| Application | Oracle | Openjdk | 8 | update112 | All | All |
| Application | Oracle | Openjdk | 8 | update121 | All | All |
| Application | Oracle | Openjdk | 8 | update131 | All | All |
| Application | Oracle | Openjdk | 8 | update141 | All | All |
| Application | Oracle | Openjdk | 8 | update151 | All | All |
| Application | Oracle | Openjdk | 8 | update152 | All | All |
| Application | Oracle | Openjdk | 8 | update161 | All | All |
| Application | Oracle | Openjdk | 8 | update162 | All | All |
| Application | Oracle | Openjdk | 8 | update171 | All | All |
| Application | Oracle | Openjdk | 8 | update172 | All | All |
| Application | Oracle | Openjdk | 8 | update181 | All | All |
| Application | Oracle | Openjdk | 8 | update191 | All | All |
| Application | Oracle | Openjdk | 8 | update192 | All | All |
| Application | Oracle | Openjdk | 8 | update20 | All | All |
| Application | Oracle | Openjdk | 8 | update201 | All | All |
| Application | Oracle | Openjdk | 8 | update202 | All | All |
| Application | Oracle | Openjdk | 8 | update211 | All | All |
| Application | Oracle | Openjdk | 8 | update212 | All | All |
| Application | Oracle | Openjdk | 8 | update221 | All | All |
| Application | Oracle | Openjdk | 8 | update222 | All | All |
| Application | Oracle | Openjdk | 8 | update231 | All | All |
| Application | Oracle | Openjdk | 8 | update232 | All | All |
| Application | Oracle | Openjdk | 8 | update241 | All | All |
| Application | Oracle | Openjdk | 8 | update242 | All | All |
| Application | Oracle | Openjdk | 8 | update25 | All | All |
| Application | Oracle | Openjdk | 8 | update252 | All | All |
| Application | Oracle | Openjdk | 8 | update262 | All | All |
| Application | Oracle | Openjdk | 8 | update271 | All | All |
| Application | Oracle | Openjdk | 8 | update281 | All | All |
| Application | Oracle | Openjdk | 8 | update282 | All | All |
| Application | Oracle | Openjdk | 8 | update291 | All | All |
| Application | Oracle | Openjdk | 8 | update301 | All | All |
| Application | Oracle | Openjdk | 8 | update302 | All | All |
| Application | Oracle | Openjdk | 8 | update31 | All | All |
| Application | Oracle | Openjdk | 8 | update312 | All | All |
| Application | Oracle | Openjdk | 8 | update322 | All | All |
| Application | Oracle | Openjdk | 8 | update332 | All | All |
| Application | Oracle | Openjdk | 8 | update40 | All | All |
| Application | Oracle | Openjdk | 8 | update45 | All | All |
| Application | Oracle | Openjdk | 8 | update5 | All | All |
| Application | Oracle | Openjdk | 8 | update51 | All | All |
| Application | Oracle | Openjdk | 8 | update60 | All | All |
| Application | Oracle | Openjdk | 8 | update65 | All | All |
| Application | Oracle | Openjdk | 8 | update66 | All | All |
| Application | Oracle | Openjdk | 8 | update71 | All | All |
| Application | Oracle | Openjdk | 8 | update72 | All | All |
| Application | Oracle | Openjdk | 8 | update73 | All | All |
| Application | Oracle | Openjdk | 8 | update74 | All | All |
| Application | Oracle | Openjdk | 8 | update77 | All | All |
| Application | Oracle | Openjdk | 8 | update91 | All | All |
| Application | Oracle | Openjdk | 8 | update92 | All | All |
| Application | Oracle | Openjdk | All | All | All | All |
| Application | Oracle | Openjdk | All | All | All | All |
| Application | Oracle | Openjdk | All | All | All | All |
| Application | Oracle | Openjdk | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| oss-security - Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets | MLIST | www.openwall.com | |
| Debian -- Security Information -- DSA-5192-1 openjdk-17 | DEBIAN | www.debian.org | |
| oss-security - CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets | MLIST | www.openwall.com | |
| [SECURITY] Fedora 35 Update: java-11-openjdk-11.0.16.0.8-1.fc35 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 36 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc36 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 36 Update: java-latest-openjdk-18.0.2.0.9-1.rolling.fc36 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 35 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc35 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| oss-security - Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets | MLIST | www.openwall.com | |
| [SECURITY] Fedora 35 Update: java-latest-openjdk-18.0.2.0.9-1.rolling.fc35 - package-announce - Fedora Mailing-Lists | MISC | lists.fedoraproject.org | |
| July 2022 Java Platform Standard Edition Vulnerabilities in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| Debian -- Security Information -- DSA-5188-1 openjdk-11 | DEBIAN | www.debian.org | |
| [SECURITY] Fedora 36 Update: java-latest-openjdk-18.0.2.0.9-1.rolling.fc36 - package-announce - Fedora Mailing-Lists | MISC | lists.fedoraproject.org | |
| Oracle Critical Patch Update Advisory - July 2022 | MISC | www.oracle.com | |
| [SECURITY] Fedora 35 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc35 - package-announce - Fedora Mailing-Lists | MISC | lists.fedoraproject.org | |
| oss-security - Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets | MLIST | www.openwall.com | |
| OpenJDK: Multiple Vulnerabilities (GLSA 202401-25) — Gentoo security | security.gentoo.org | ||
| [SECURITY] Fedora 35 Update: java-11-openjdk-11.0.16.0.8-1.fc35 - package-announce - Fedora Mailing-Lists | MISC | lists.fedoraproject.org | |
| [SECURITY] [DLA 3155-1] bcel security update | MLIST | lists.debian.org | |
| [SECURITY] Fedora 36 Update: java-11-openjdk-11.0.16.0.8-1.fc36 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 35 Update: java-latest-openjdk-18.0.2.0.9-1.rolling.fc35 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw | MISC | lists.apache.org | |
| oss-security - Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing | MLIST | www.openwall.com | |
| Xalan-J XSLTC Integer Truncation ≈ Packet Storm | MISC | packetstormsecurity.com | |
| [SECURITY] Fedora 36 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc36 - package-announce - Fedora Mailing-Lists | MISC | lists.fedoraproject.org | |
| lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8 | MISC | lists.apache.org | |
| oss-security - Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets | MLIST | www.openwall.com | |
| Debian -- Security Information -- DSA-5256-1 bcel | DEBIAN | www.debian.org | |
| oss-security - Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing | MLIST | www.openwall.com | |
| [SECURITY] Fedora 36 Update: java-11-openjdk-11.0.16.0.8-1.fc36 - package-announce - Fedora Mailing-Lists | MISC | lists.fedoraproject.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159992 Oracle Enterprise Linux Security Update for java-11-openjdk (ELSA-2022-5683)
- 159993 Oracle Enterprise Linux Security Update for java-11-openjdk (ELSA-2022-5687)
- 159994 Oracle Enterprise Linux Security Update for java-11-openjdk (ELSA-2022-5695)
- 159995 Oracle Enterprise Linux Security Update for java-1.8.0-openjdk (ELSA-2022-5698)
- 159996 Oracle Enterprise Linux Security Update for java-1.8.0-openjdk (ELSA-2022-5696)
- 159997 Oracle Enterprise Linux Security Update for java-1.8.0-openjdk (ELSA-2022-5709)
- 159999 Oracle Enterprise Linux Security Update for java-17-openjdk (ELSA-2022-5726)
- 160000 Oracle Enterprise Linux Security Update for java-17-openjdk (ELSA-2022-5736)
- 180895 Debian Security Update for openjdk-11 (DSA 5188-1)
- 180901 Debian Security Update for openjdk-17 (DSA 5192-1)
- 181143 Debian Security Update for bcel (DLA 3155-1)
- 181144 Debian Security Update for bcel (DSA 5256-1)
- 183146 Debian Security Update for bcelopenjdk-17 (CVE-2022-34169)
- 198886 Ubuntu Security Notification for Open Java Development Toolkit (OpenJDK) Vulnerabilities (USN-5546-1)
- 20262 Oracle Database 21c Critical Patch Update - July 2022
- 20263 Oracle Database 19c Critical Patch Update - July 2022
- 20264 Oracle Database 12.1.0.2 Critical Patch Update - July 2022
- 20265 Oracle Database 12.1.0.2 Critical Patch Update - July 2022 (Unauthenticated)
- 20270 Oracle Database 21c Critical Patch Update - October 2022
- 240546 Red Hat Update for java-11-openjdk security (RHSA-2022:5683)
- 240547 Red Hat Update for java-11-openjdk security (RHSA-2022:5687)
- 240548 Red Hat Update for java-11-openjdk (RHSA-2022:5684)
- 240549 Red Hat Update for java-11-openjdk (RHSA-2022:5681)
- 240553 Red Hat Update for java-1.8.0-openjdk (RHSA-2022:5700)
- 240554 Red Hat Update for java-11-openjdk security (RHSA-2022:5695)
- 240555 Red Hat Update for java-1.8.0-openjdk security (RHSA-2022:5696)
- 240556 Red Hat Update for java-1.8.0-openjdk (RHSA-2022:5697)
- 240557 Red Hat Update for java-1.8.0-openjdk security (RHSA-2022:5698)
- 240558 Red Hat Update for java-1.8.0-openjdk security (RHSA-2022:5709)
- 240560 Red Hat Update for java-17-openjdk security (RHSA-2022:5726)
- 240564 Red Hat Update for java-17-openjdk security (RHSA-2022:5736)
- 257174 CentOS Security Update for java-1.8.0-openjdk Security Update (CESA-2022:5698)
- 257176 CentOS Security Update for java-11-openjdk (CESA-2022:5687)
- 282975 Fedora Security Update for java (FEDORA-2022-34584d4257)
- 283005 Fedora Security Update for java (FEDORA-2022-80afe2304a)
- 283006 Fedora Security Update for java (FEDORA-2022-19b6f21746)
- 283007 Fedora Security Update for java (FEDORA-2022-d26586b419)
- 283008 Fedora Security Update for java (FEDORA-2022-ae563934f7)
- 283009 Fedora Security Update for java (FEDORA-2022-64431bccec)
- 283010 Fedora Security Update for java (FEDORA-2022-b76ab52e73)
- 283011 Fedora Security Update for java (FEDORA-2022-e573851f56)
- 296082 Oracle Solaris 11.4 Support Repository Update (SRU) 48.126.1 Missing (CPUJUL2022)
- 353996 Amazon Linux Security Advisory for java-17-amazon-corretto : ALAS2-2022-1824
- 354004 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2-2022-1823
- 354019 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2CORRETTO8-2022-003
- 354021 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2-2022-1822
- 354045 Amazon Linux Security Advisory for java-1.8.0-openjdk : ALAS-2022-1631
- 354052 Amazon Linux Security Advisory for java-1.7.0-openjdk : ALAS-2022-1633
- 354054 Amazon Linux Security Advisory for java-1.7.0-openjdk : ALAS2-2022-1835
- 354057 Amazon Linux Security Advisory for java-1.8.0-openjdk : ALAS2-2022-1836
- 354059 Amazon Linux Security Advisory for java-11-openjdk : ALAS2JAVA-OPENJDK11-2022-002
- 354294 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2022-2022-153
- 354303 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2022-2022-111
- 354334 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2022-2022-120
- 354375 Amazon Linux Security Advisory for java-17-amazon-corretto : ALAS2022-2022-113
- 354396 Amazon Linux Security Advisory for java-17-amazon-corretto : ALAS2022-2022-151
- 354400 Amazon Linux Security Advisory for java-11-amazon-corretto : ALAS2022-2022-112
- 354455 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2022-2022-119
- 354472 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2022-2022-152
- 354523 Amazon Linux Security Advisory for java-17-amazon-corretto : ALAS2022-2022-121
- 376733 Oracle Java Standard Edition (SE) Critical Patch Update - July 2022 (CPUJUL2022)
- 376756 Amazon Corretto Critical Patch Update (JUL2022)
- 376761 Azul Java Multiple Vulnerabilities Security Update July 2022
- 376896 Alibaba Cloud Linux Security Update for java-17-openjdk (ALINUX3-SA-2022:0145)
- 376920 Alibaba Cloud Linux Security Update for java-11-openjdk (ALINUX3-SA-2022:0141)
- 377051 Alibaba Cloud Linux Security Update for java-11-openjdk (ALINUX2-SA-2022:0033)
- 377164 Alibaba Cloud Linux Security Update for java-1.8.0-openjdk (ALINUX3-SA-2022:0143)
- 377216 Alibaba Cloud Linux Security Update for java-1.8.0-openjdk (ALINUX2-SA-2022:0034)
- 378378 Red Hat OpenJDK 8u342 Windows Builds release and Security Update (RHSA-2022:5753)
- 378379 Red Hat OpenJDK 11.0.16 Security Update for Windows Builds (RHSA-2022:5756)
- 378380 Red Hat OpenJDK 17.0.4 Security Update for Windows Builds (RHSA-2022:5757)
- 378427 Oracle PeopleSoft Enterprise PeopleTools Product Multiple Vulnerabilities (CPUAPR2023)
- 379452 IBM Cognos Analytics Multiple Vulnerabilities (7123154)
- 379516 IBM Sterling Secure Proxy Multiple Vulnerabilities (7142038)
- 502455 Alpine Linux Security Update for openjdk15
- 502456 Alpine Linux Security Update for openjdk17
- 502468 Alpine Linux Security Update for openjdk11
- 502484 Alpine Linux Security Update for openjdk13
- 502488 Alpine Linux Security Update for openjdk8
- 502578 Alpine Linux Security Update for openjdk11
- 503700 Alpine Linux Security Update for openjdk8
- 672144 EulerOS Security Update for java-1.8.0-openjdk (EulerOS-SA-2022-2440)
- 672195 EulerOS Security Update for java-1.8.0-openjdk (EulerOS-SA-2022-2465)
- 672212 EulerOS Security Update for java-1.8.0-openjdk (EulerOS-SA-2022-2617)
- 672213 EulerOS Security Update for java-1.7.0-openjdk (EulerOS-SA-2022-2616)
- 710843 Gentoo Linux Open Java Development Toolkit (OpenJDK) Multiple Vulnerabilities (GLSA 202401-25)
- 731292 Atlassian Jira Software Data Center and Server Remote Code Execution (RCE) Vulnerability (JSWSERVER-25841)
- 752413 SUSE Enterprise Linux Security Update for java-11-openjdk (SUSE-SU-2022:2610-1)
- 752418 SUSE Enterprise Linux Security Update for java-17-openjdk (SUSE-SU-2022:2660-1)
- 752450 SUSE Enterprise Linux Security Update for java-11-openjdk (SUSE-SU-2022:2707-1)
- 752468 SUSE Enterprise Linux Security Update for java-1_8_0-openjdk (SUSE-SU-2022:2819-1)
- 752491 SUSE Enterprise Linux Security Update for java-1_8_0-openjdk (SUSE-SU-2022:2856-1)
- 752507 SUSE Enterprise Linux Security Update for java-1_8_0-ibm (SUSE-SU-2022:2899-1)
- 752510 SUSE Enterprise Linux Security Update for java-1_7_1-ibm (SUSE-SU-2022:2898-1)
- 752526 SUSE Enterprise Linux Security Update for java-1_8_0-ibm (SUSE-SU-2022:2949-1)
- 752556 SUSE Enterprise Linux Security Update for java-1_8_0-ibm (SUSE-SU-2022:3152-1)
- 752883 SUSE Enterprise Linux Security Update for java-1_8_0-ibm (SUSE-SU-2022:4166-1)
- 902573 Common Base Linux Mariner (CBL-Mariner) Security Update for openjdk8 (10371)
- 940599 AlmaLinux Security Update for java-11-openjdk (ALSA-2022:5683)
- 940601 AlmaLinux Security Update for java-1.8.0-openjdk (ALSA-2022:5696)
- 940619 AlmaLinux Security Update for java-1.8.0-openjdk (ALSA-2022:5709)
- 940621 AlmaLinux Security Update for java-17-openjdk (ALSA-2022:5736)
- 940628 AlmaLinux Security Update for java-11-openjdk (ALSA-2022:5695)
- 960159 Rocky Linux Security Update for java-17-openjdk (RLSA-2022:5726)
- 960160 Rocky Linux Security Update for java-1.8.0-openjdk (RLSA-2022:5696)
- 960161 Rocky Linux Security Update for java-11-openjdk (RLSA-2022:5683)