UBUNTU-CVE-2022-34169

Source
https://ubuntu.com/security/CVE-2022-34169
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-34169.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2022-34169
Related
Published
2022-07-19T18:15:00Z
Modified
2024-12-18T16:39:26Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.

References

Affected packages

Ubuntu:Pro:14.04:LTS / libxalan2-java

Package

Name
libxalan2-java
Purl
pkg:deb/ubuntu/libxalan2-java?arch=src?distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.1-8
2.7.1-9

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / libxalan2-java

Package

Name
libxalan2-java
Purl
pkg:deb/ubuntu/libxalan2-java?arch=src?distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.1-9

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / openjdk-8

Package

Name
openjdk-8
Purl
pkg:deb/ubuntu/openjdk-8?arch=src?distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u342-b07-0ubuntu1~16.04

Affected versions

Other

8u66-b01-5
8u72-b05-1ubuntu1
8u72-b05-5
8u72-b05-6
8u72-b15-1
8u72-b15-2ubuntu1
8u72-b15-2ubuntu3
8u72-b15-3ubuntu1
8u77-b03-1ubuntu2
8u77-b03-3ubuntu1
8u77-b03-3ubuntu2
8u77-b03-3ubuntu3

8u91-b14-0ubuntu4~16.*

8u91-b14-0ubuntu4~16.04.1

8u91-b14-3ubuntu1~16.*

8u91-b14-3ubuntu1~16.04.1

8u111-b14-2ubuntu0.*

8u111-b14-2ubuntu0.16.04.2

8u121-b13-0ubuntu1.*

8u121-b13-0ubuntu1.16.04.2

8u131-b11-0ubuntu1.*

8u131-b11-0ubuntu1.16.04.2

8u131-b11-2ubuntu1.*

8u131-b11-2ubuntu1.16.04.2
8u131-b11-2ubuntu1.16.04.3

8u151-b12-0ubuntu0.*

8u151-b12-0ubuntu0.16.04.2

8u162-b12-0ubuntu0.*

8u162-b12-0ubuntu0.16.04.2

8u171-b11-0ubuntu0.*

8u171-b11-0ubuntu0.16.04.1

8u181-b13-0ubuntu0.*

8u181-b13-0ubuntu0.16.04.1

8u181-b13-1ubuntu0.*

8u181-b13-1ubuntu0.16.04.1

8u191-b12-0ubuntu0.*

8u191-b12-0ubuntu0.16.04.1

8u191-b12-2ubuntu0.*

8u191-b12-2ubuntu0.16.04.1

8u212-b03-0ubuntu1.*

8u212-b03-0ubuntu1.16.04.1

8u222-b10-1ubuntu1~16.*

8u222-b10-1ubuntu1~16.04.1

8u232-b09-0ubuntu1~16.*

8u232-b09-0ubuntu1~16.04.1

8u242-b08-0ubuntu3~16.*

8u242-b08-0ubuntu3~16.04

8u252-b09-1~16.*

8u252-b09-1~16.04

8u265-b01-0ubuntu2~16.*

8u265-b01-0ubuntu2~16.04

8u272-b10-0ubuntu1~16.*

8u272-b10-0ubuntu1~16.04

8u275-b01-0ubuntu1~16.*

8u275-b01-0ubuntu1~16.04

8u282-b08-0ubuntu1~16.*

8u282-b08-0ubuntu1~16.04

8u292-b10-0ubuntu1~16.*

8u292-b10-0ubuntu1~16.04.1

8u312-b07-0ubuntu1~16.*

8u312-b07-0ubuntu1~16.04

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-dbg"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-demo"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-demo-dbgsym"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-doc"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-jdk"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-jdk-headless"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-jre"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-jre-dbgsym"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-jre-headless"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-jre-headless-dbgsym"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-jre-jamvm"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-jre-zero"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~16.04",
            "binary_name": "openjdk-8-source"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / openjdk-9

Package

Name
openjdk-9
Purl
pkg:deb/ubuntu/openjdk-9?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

Other

9~b88-1
9~b101-2ubuntu2
9~b102-1
9~b113-0ubuntu1
9~b114-0ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:18.04:LTS / openjdk-17

Package

Name
openjdk-17
Purl
pkg:deb/ubuntu/openjdk-17?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.0.4+8-1~18.04

Affected versions

17+35-1~18.*

17+35-1~18.04

17.*

17.0.1+12-1~18.04
17.0.2+8-1~18.04
17.0.3+7-0ubuntu0.18.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "17.0.4+8-1~18.04",
            "binary_name": "openjdk-17-dbg"
        },
        {
            "binary_version": "17.0.4+8-1~18.04",
            "binary_name": "openjdk-17-demo"
        },
        {
            "binary_version": "17.0.4+8-1~18.04",
            "binary_name": "openjdk-17-doc"
        },
        {
            "binary_version": "17.0.4+8-1~18.04",
            "binary_name": "openjdk-17-jdk"
        },
        {
            "binary_version": "17.0.4+8-1~18.04",
            "binary_name": "openjdk-17-jdk-headless"
        },
        {
            "binary_version": "17.0.4+8-1~18.04",
            "binary_name": "openjdk-17-jre"
        },
        {
            "binary_version": "17.0.4+8-1~18.04",
            "binary_name": "openjdk-17-jre-headless"
        },
        {
            "binary_version": "17.0.4+8-1~18.04",
            "binary_name": "openjdk-17-jre-zero"
        },
        {
            "binary_version": "17.0.4+8-1~18.04",
            "binary_name": "openjdk-17-source"
        }
    ]
}

Ubuntu:18.04:LTS / openjdk-8

Package

Name
openjdk-8
Purl
pkg:deb/ubuntu/openjdk-8?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u342-b07-0ubuntu1~18.04

Affected versions

Other

8u144-b01-2
8u151-b12-1
8u162-b12-1

8u171-b11-0ubuntu0.*

8u171-b11-0ubuntu0.18.04.1

8u181-b13-0ubuntu0.*

8u181-b13-0ubuntu0.18.04.1

8u181-b13-1ubuntu0.*

8u181-b13-1ubuntu0.18.04.1

8u191-b12-0ubuntu0.*

8u191-b12-0ubuntu0.18.04.1

8u191-b12-2ubuntu0.*

8u191-b12-2ubuntu0.18.04.1

8u212-b03-0ubuntu1.*

8u212-b03-0ubuntu1.18.04.1

8u222-b10-1ubuntu1~18.*

8u222-b10-1ubuntu1~18.04.1

8u232-b09-0ubuntu1~18.*

8u232-b09-0ubuntu1~18.04.1

8u242-b08-0ubuntu3~18.*

8u242-b08-0ubuntu3~18.04

8u252-b09-1~18.*

8u252-b09-1~18.04

8u265-b01-0ubuntu2~18.*

8u265-b01-0ubuntu2~18.04

8u272-b10-0ubuntu1~18.*

8u272-b10-0ubuntu1~18.04

8u275-b01-0ubuntu1~18.*

8u275-b01-0ubuntu1~18.04

8u282-b08-0ubuntu1~18.*

8u282-b08-0ubuntu1~18.04

8u292-b10-0ubuntu1~18.*

8u292-b10-0ubuntu1~18.04

8u312-b07-0ubuntu1~18.*

8u312-b07-0ubuntu1~18.04

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "8u342-b07-0ubuntu1~18.04",
            "binary_name": "openjdk-8-dbg"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~18.04",
            "binary_name": "openjdk-8-demo"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~18.04",
            "binary_name": "openjdk-8-doc"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~18.04",
            "binary_name": "openjdk-8-jdk"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~18.04",
            "binary_name": "openjdk-8-jdk-headless"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~18.04",
            "binary_name": "openjdk-8-jre"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~18.04",
            "binary_name": "openjdk-8-jre-headless"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~18.04",
            "binary_name": "openjdk-8-jre-zero"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~18.04",
            "binary_name": "openjdk-8-source"
        }
    ]
}

Ubuntu:18.04:LTS / openjdk-lts

Package

Name
openjdk-lts
Purl
pkg:deb/ubuntu/openjdk-lts?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.0.16+8-0ubuntu1~18.04

Affected versions

9.*

9.0.4+12-2ubuntu4
9.0.4+12-4ubuntu1

Other

10~46-4ubuntu1
10~46-5ubuntu1

10.*

10.0.1+10-1ubuntu2
10.0.1+10-3ubuntu1
10.0.2+13-1ubuntu0.18.04.1
10.0.2+13-1ubuntu0.18.04.2
10.0.2+13-1ubuntu0.18.04.3
10.0.2+13-1ubuntu0.18.04.4

11.*

11.0.2+9-3ubuntu1~18.04.3
11.0.3+7-1ubuntu2~18.04.1
11.0.4+11-1ubuntu2~18.04.3
11.0.5+10-0ubuntu1.1~18.04
11.0.6+10-1ubuntu1~18.04.1
11.0.7+10-2ubuntu2~18.04
11.0.8+10-0ubuntu1~18.04.1
11.0.9+11-0ubuntu1~18.04.1
11.0.9.1+1-0ubuntu1~18.04
11.0.10+9-0ubuntu1~18.04
11.0.11+9-0ubuntu2~18.04
11.0.13+8-0ubuntu1~18.04
11.0.14+9-0ubuntu2~18.04
11.0.14.1+1-0ubuntu1~18.04
11.0.15+10-0ubuntu0.18.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "11.0.16+8-0ubuntu1~18.04",
            "binary_name": "openjdk-11-dbg"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~18.04",
            "binary_name": "openjdk-11-demo"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~18.04",
            "binary_name": "openjdk-11-doc"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~18.04",
            "binary_name": "openjdk-11-jdk"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~18.04",
            "binary_name": "openjdk-11-jdk-headless"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~18.04",
            "binary_name": "openjdk-11-jre"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~18.04",
            "binary_name": "openjdk-11-jre-headless"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~18.04",
            "binary_name": "openjdk-11-jre-zero"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~18.04",
            "binary_name": "openjdk-11-source"
        }
    ]
}

Ubuntu:Pro:18.04:LTS / libxalan2-java

Package

Name
libxalan2-java
Purl
pkg:deb/ubuntu/libxalan2-java?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.1-9
2.7.2-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / libxalan2-java

Package

Name
libxalan2-java
Purl
pkg:deb/ubuntu/libxalan2-java?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / openjdk-13

Package

Name
openjdk-13
Purl
pkg:deb/ubuntu/openjdk-13?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

Other

13+33-1

13.*

13.0.1+9-2
13.0.2+8-1
13.0.2+8-2
13.0.3+3-1ubuntu2
13.0.4+8-1~20.04
13.0.7+5-0ubuntu1~20.04

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / openjdk-16

Package

Name
openjdk-16
Purl
pkg:deb/ubuntu/openjdk-16?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

16.*

16.0.1+9-1~20.04

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / openjdk-17

Package

Name
openjdk-17
Purl
pkg:deb/ubuntu/openjdk-17?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.0.4+8-1~20.04

Affected versions

17+35-1~20.*

17+35-1~20.04

17.*

17.0.1+12-1~20.04
17.0.2+8-1~20.04
17.0.3+7-0ubuntu0.20.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "17.0.4+8-1~20.04",
            "binary_name": "openjdk-17-dbg"
        },
        {
            "binary_version": "17.0.4+8-1~20.04",
            "binary_name": "openjdk-17-demo"
        },
        {
            "binary_version": "17.0.4+8-1~20.04",
            "binary_name": "openjdk-17-doc"
        },
        {
            "binary_version": "17.0.4+8-1~20.04",
            "binary_name": "openjdk-17-jdk"
        },
        {
            "binary_version": "17.0.4+8-1~20.04",
            "binary_name": "openjdk-17-jdk-headless"
        },
        {
            "binary_version": "17.0.4+8-1~20.04",
            "binary_name": "openjdk-17-jre"
        },
        {
            "binary_version": "17.0.4+8-1~20.04",
            "binary_name": "openjdk-17-jre-headless"
        },
        {
            "binary_version": "17.0.4+8-1~20.04",
            "binary_name": "openjdk-17-jre-zero"
        },
        {
            "binary_version": "17.0.4+8-1~20.04",
            "binary_name": "openjdk-17-source"
        }
    ]
}

Ubuntu:20.04:LTS / openjdk-8

Package

Name
openjdk-8
Purl
pkg:deb/ubuntu/openjdk-8?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u342-b07-0ubuntu1~20.04

Affected versions

Other

8u232-b09-0ubuntu1
8u232-b09-1
8u242-b04-1
8u242-b08-0ubuntu3
8u252-b07-1
8u252-b09-1ubuntu1

8u265-b01-0ubuntu2~20.*

8u265-b01-0ubuntu2~20.04

8u272-b10-0ubuntu1~20.*

8u272-b10-0ubuntu1~20.04

8u275-b01-0ubuntu1~20.*

8u275-b01-0ubuntu1~20.04

8u282-b08-0ubuntu1~20.*

8u282-b08-0ubuntu1~20.04

8u292-b10-0ubuntu1~20.*

8u292-b10-0ubuntu1~20.04

8u312-b07-0ubuntu1~20.*

8u312-b07-0ubuntu1~20.04

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "8u342-b07-0ubuntu1~20.04",
            "binary_name": "openjdk-8-dbg"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~20.04",
            "binary_name": "openjdk-8-demo"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~20.04",
            "binary_name": "openjdk-8-doc"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~20.04",
            "binary_name": "openjdk-8-jdk"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~20.04",
            "binary_name": "openjdk-8-jdk-headless"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~20.04",
            "binary_name": "openjdk-8-jre"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~20.04",
            "binary_name": "openjdk-8-jre-headless"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~20.04",
            "binary_name": "openjdk-8-jre-zero"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~20.04",
            "binary_name": "openjdk-8-source"
        }
    ]
}

Ubuntu:20.04:LTS / openjdk-lts

Package

Name
openjdk-lts
Purl
pkg:deb/ubuntu/openjdk-lts?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.0.16+8-0ubuntu1~20.04

Affected versions

11.*

11.0.5+10-0ubuntu1
11.0.5+10-2ubuntu1
11.0.6+10-1ubuntu1
11.0.6+10-2ubuntu2
11.0.7+9-1ubuntu1
11.0.7+10-2ubuntu1
11.0.7+10-3ubuntu1
11.0.8+10-0ubuntu1~20.04
11.0.9+11-0ubuntu1~20.04
11.0.9.1+1-0ubuntu1~20.04
11.0.10+9-0ubuntu1~20.04
11.0.11+9-0ubuntu2~20.04
11.0.13+8-0ubuntu1~20.04
11.0.14+9-0ubuntu2~20.04
11.0.14.1+1-0ubuntu1~20.04
11.0.15+10-0ubuntu0.20.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "11.0.16+8-0ubuntu1~20.04",
            "binary_name": "openjdk-11-dbg"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~20.04",
            "binary_name": "openjdk-11-demo"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~20.04",
            "binary_name": "openjdk-11-doc"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~20.04",
            "binary_name": "openjdk-11-jdk"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~20.04",
            "binary_name": "openjdk-11-jdk-headless"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~20.04",
            "binary_name": "openjdk-11-jre"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~20.04",
            "binary_name": "openjdk-11-jre-headless"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~20.04",
            "binary_name": "openjdk-11-jre-zero"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~20.04",
            "binary_name": "openjdk-11-source"
        }
    ]
}

Ubuntu:22.04:LTS / libxalan2-java

Package

Name
libxalan2-java
Purl
pkg:deb/ubuntu/libxalan2-java?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / openjdk-17

Package

Name
openjdk-17
Purl
pkg:deb/ubuntu/openjdk-17?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.0.4+8-1~22.04

Affected versions

Other

17+35-1

17.*

17.0.1+12-1
17.0.2+8-1
17.0.3+7-0ubuntu0.22.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "17.0.4+8-1~22.04",
            "binary_name": "openjdk-17-dbg"
        },
        {
            "binary_version": "17.0.4+8-1~22.04",
            "binary_name": "openjdk-17-demo"
        },
        {
            "binary_version": "17.0.4+8-1~22.04",
            "binary_name": "openjdk-17-doc"
        },
        {
            "binary_version": "17.0.4+8-1~22.04",
            "binary_name": "openjdk-17-jdk"
        },
        {
            "binary_version": "17.0.4+8-1~22.04",
            "binary_name": "openjdk-17-jdk-headless"
        },
        {
            "binary_version": "17.0.4+8-1~22.04",
            "binary_name": "openjdk-17-jre"
        },
        {
            "binary_version": "17.0.4+8-1~22.04",
            "binary_name": "openjdk-17-jre-headless"
        },
        {
            "binary_version": "17.0.4+8-1~22.04",
            "binary_name": "openjdk-17-jre-zero"
        },
        {
            "binary_version": "17.0.4+8-1~22.04",
            "binary_name": "openjdk-17-source"
        }
    ]
}

Ubuntu:22.04:LTS / openjdk-18

Package

Name
openjdk-18
Purl
pkg:deb/ubuntu/openjdk-18?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
18.0.2+9-2~22.04

Affected versions

Other

18~15ea-4
18~20ea-1
18~32ea-1
18~36ea-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "18.0.2+9-2~22.04",
            "binary_name": "openjdk-18-dbg"
        },
        {
            "binary_version": "18.0.2+9-2~22.04",
            "binary_name": "openjdk-18-demo"
        },
        {
            "binary_version": "18.0.2+9-2~22.04",
            "binary_name": "openjdk-18-doc"
        },
        {
            "binary_version": "18.0.2+9-2~22.04",
            "binary_name": "openjdk-18-jdk"
        },
        {
            "binary_version": "18.0.2+9-2~22.04",
            "binary_name": "openjdk-18-jdk-headless"
        },
        {
            "binary_version": "18.0.2+9-2~22.04",
            "binary_name": "openjdk-18-jre"
        },
        {
            "binary_version": "18.0.2+9-2~22.04",
            "binary_name": "openjdk-18-jre-headless"
        },
        {
            "binary_version": "18.0.2+9-2~22.04",
            "binary_name": "openjdk-18-jre-zero"
        },
        {
            "binary_version": "18.0.2+9-2~22.04",
            "binary_name": "openjdk-18-source"
        }
    ]
}

Ubuntu:22.04:LTS / openjdk-8

Package

Name
openjdk-8
Purl
pkg:deb/ubuntu/openjdk-8?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8u342-b07-0ubuntu1~22.04

Affected versions

Other

8u302-b08-0ubuntu2
8u312-b07-0ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "8u342-b07-0ubuntu1~22.04",
            "binary_name": "openjdk-8-dbg"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~22.04",
            "binary_name": "openjdk-8-demo"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~22.04",
            "binary_name": "openjdk-8-doc"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~22.04",
            "binary_name": "openjdk-8-jdk"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~22.04",
            "binary_name": "openjdk-8-jdk-headless"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~22.04",
            "binary_name": "openjdk-8-jre"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~22.04",
            "binary_name": "openjdk-8-jre-headless"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~22.04",
            "binary_name": "openjdk-8-jre-zero"
        },
        {
            "binary_version": "8u342-b07-0ubuntu1~22.04",
            "binary_name": "openjdk-8-source"
        }
    ]
}

Ubuntu:22.04:LTS / openjdk-lts

Package

Name
openjdk-lts
Purl
pkg:deb/ubuntu/openjdk-lts?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.0.16+8-0ubuntu1~22.04

Affected versions

11.*

11.0.12+7-0ubuntu3
11.0.13+8-0ubuntu1
11.0.14+9-0ubuntu2
11.0.14.1+1-0ubuntu1
11.0.15+10-0ubuntu0.22.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "11.0.16+8-0ubuntu1~22.04",
            "binary_name": "openjdk-11-dbg"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~22.04",
            "binary_name": "openjdk-11-demo"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~22.04",
            "binary_name": "openjdk-11-doc"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~22.04",
            "binary_name": "openjdk-11-jdk"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~22.04",
            "binary_name": "openjdk-11-jdk-headless"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~22.04",
            "binary_name": "openjdk-11-jre"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~22.04",
            "binary_name": "openjdk-11-jre-headless"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~22.04",
            "binary_name": "openjdk-11-jre-zero"
        },
        {
            "binary_version": "11.0.16+8-0ubuntu1~22.04",
            "binary_name": "openjdk-11-source"
        }
    ]
}

Ubuntu:24.10 / libxalan2-java

Package

Name
libxalan2-java
Purl
pkg:deb/ubuntu/libxalan2-java?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / libxalan2-java

Package

Name
libxalan2-java
Purl
pkg:deb/ubuntu/libxalan2-java?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}