CVE-2022-34169

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-34169

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-34169.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-34169

Aliases

GHSA-9339-86wc-4qgf

Downstream

DEBIAN-CVE-2022-34169

DLA-3155-1

DSA-5188-1

DSA-5192-1

DSA-5256-1

OESA-2022-1786

OESA-2022-1832

OESA-2022-1849

OESA-2022-1977

RHSA-2022:5681

RHSA-2022:5683

RHSA-2022:5684

RHSA-2022:5685

RHSA-2022:5687

RHSA-2022:5695

RHSA-2022:5696

RHSA-2022:5697

RHSA-2022:5698

RHSA-2022:5700

RHSA-2022:5701

RHSA-2022:5709

RHSA-2022:5726

RHSA-2022:5736

RHSA-2024:10207

RHSA-2024:10208

RHSA-2024:8075

RHSA-2024:8076

RHSA-2024:8077

RHSA-2024:8823

RHSA-2024:8824

RLSA-2022:5683

RLSA-2022:5696

RLSA-2022:5726

SUSE-RU-2024:3971-1

SUSE-SU-2022:2610-1

SUSE-SU-2022:2660-1

SUSE-SU-2022:2707-1

SUSE-SU-2022:2819-1

SUSE-SU-2022:2856-1

SUSE-SU-2022:2898-1

SUSE-SU-2022:2899-1

SUSE-SU-2022:2949-1

SUSE-SU-2022:3092-1

SUSE-SU-2022:3152-1

SUSE-SU-2022:4166-1

UBUNTU-CVE-2022-34169

USN-5546-1

USN-5546-2

openSUSE-SU-2024:12201-1

openSUSE-SU-2024:12202-1

openSUSE-SU-2024:12203-1

openSUSE-SU-2024:12207-1

openSUSE-SU-2024:12208-1

openSUSE-SU-2024:12234-1

openSUSE-SU-2024:12261-1

openSUSE-SU-2024:12263-1

openSUSE-SU-2024:13189-1

openSUSE-SU-2024:13440-1

openSUSE-SU-2024:14174-1

openSUSE-SU-2025:0066-1

openSUSE-SU-2025:14697-1

Related

Published

2022-07-19T18:15:11.740Z

Modified

2026-03-02T01:35:47.682223Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.

References

Affected packages

Git / github.com/openjdk/jdk15u

Affected ranges

Type: GIT
Repo: https://github.com/openjdk/jdk15u
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

38378b7ee032d70653b3f0d4205f2305cf4f1170

Introduced

4a588d89f01a650d90432cc14697a5a2ae2c97d3

Last affected

02e3b1dd58b824d5a9b44ff3cf2f53061b5c5ffd

Affected versions

Other

jdk-15+36

jdk-15-ga

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-34169.json"