vulnerability
Oracle Linux: CVE-2022-34169: ELSA-2022-5696: java-1.8.0-openjdk security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:C/A:N) | 2022-07-19 | 2022-07-22 | 2025-01-07 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published
2022-07-19
Added
2022-07-22
Modified
2025-01-07
Description
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
Solution(s)
oracle-linux-upgrade-graalvm21-ce-11oracle-linux-upgrade-graalvm21-ce-11-develoracle-linux-upgrade-graalvm21-ce-11-espressooracle-linux-upgrade-graalvm21-ce-11-fastroracle-linux-upgrade-graalvm21-ce-11-javascriptoracle-linux-upgrade-graalvm21-ce-11-jdkoracle-linux-upgrade-graalvm21-ce-11-libpolyglotoracle-linux-upgrade-graalvm21-ce-11-llvmoracle-linux-upgrade-graalvm21-ce-11-llvm-toolchainoracle-linux-upgrade-graalvm21-ce-11-native-imageoracle-linux-upgrade-graalvm21-ce-11-nodejsoracle-linux-upgrade-graalvm21-ce-11-nodejs-develoracle-linux-upgrade-graalvm21-ce-11-polyglotoracle-linux-upgrade-graalvm21-ce-11-pythonoracle-linux-upgrade-graalvm21-ce-11-python-develoracle-linux-upgrade-graalvm21-ce-11-rubyoracle-linux-upgrade-graalvm21-ce-11-ruby-develoracle-linux-upgrade-graalvm21-ce-11-toolsoracle-linux-upgrade-graalvm21-ce-11-wasmoracle-linux-upgrade-graalvm21-ce-17oracle-linux-upgrade-graalvm21-ce-17-develoracle-linux-upgrade-graalvm21-ce-17-espressooracle-linux-upgrade-graalvm21-ce-17-fastroracle-linux-upgrade-graalvm21-ce-17-javascriptoracle-linux-upgrade-graalvm21-ce-17-jdkoracle-linux-upgrade-graalvm21-ce-17-libpolyglotoracle-linux-upgrade-graalvm21-ce-17-llvmoracle-linux-upgrade-graalvm21-ce-17-llvm-toolchainoracle-linux-upgrade-graalvm21-ce-17-native-imageoracle-linux-upgrade-graalvm21-ce-17-nodejsoracle-linux-upgrade-graalvm21-ce-17-nodejs-develoracle-linux-upgrade-graalvm21-ce-17-polyglotoracle-linux-upgrade-graalvm21-ce-17-pythonoracle-linux-upgrade-graalvm21-ce-17-python-develoracle-linux-upgrade-graalvm21-ce-17-rubyoracle-linux-upgrade-graalvm21-ce-17-ruby-develoracle-linux-upgrade-graalvm21-ce-17-toolsoracle-linux-upgrade-graalvm21-ce-17-wasmoracle-linux-upgrade-graalvm22-ce-11oracle-linux-upgrade-graalvm22-ce-11-develoracle-linux-upgrade-graalvm22-ce-11-espressooracle-linux-upgrade-graalvm22-ce-11-espresso-llvmoracle-linux-upgrade-graalvm22-ce-11-fastroracle-linux-upgrade-graalvm22-ce-11-javascriptoracle-linux-upgrade-graalvm22-ce-11-jdkoracle-linux-upgrade-graalvm22-ce-11-libpolyglotoracle-linux-upgrade-graalvm22-ce-11-llvmoracle-linux-upgrade-graalvm22-ce-11-llvm-toolchainoracle-linux-upgrade-graalvm22-ce-11-native-imageoracle-linux-upgrade-graalvm22-ce-11-nodejsoracle-linux-upgrade-graalvm22-ce-11-nodejs-develoracle-linux-upgrade-graalvm22-ce-11-polyglotoracle-linux-upgrade-graalvm22-ce-11-pythonoracle-linux-upgrade-graalvm22-ce-11-python-develoracle-linux-upgrade-graalvm22-ce-11-rubyoracle-linux-upgrade-graalvm22-ce-11-ruby-develoracle-linux-upgrade-graalvm22-ce-11-toolsoracle-linux-upgrade-graalvm22-ce-11-wasmoracle-linux-upgrade-graalvm22-ce-17oracle-linux-upgrade-graalvm22-ce-17-develoracle-linux-upgrade-graalvm22-ce-17-espressooracle-linux-upgrade-graalvm22-ce-17-espresso-llvmoracle-linux-upgrade-graalvm22-ce-17-fastroracle-linux-upgrade-graalvm22-ce-17-javascriptoracle-linux-upgrade-graalvm22-ce-17-jdkoracle-linux-upgrade-graalvm22-ce-17-libpolyglotoracle-linux-upgrade-graalvm22-ce-17-llvmoracle-linux-upgrade-graalvm22-ce-17-llvm-toolchainoracle-linux-upgrade-graalvm22-ce-17-native-imageoracle-linux-upgrade-graalvm22-ce-17-nodejsoracle-linux-upgrade-graalvm22-ce-17-nodejs-develoracle-linux-upgrade-graalvm22-ce-17-polyglotoracle-linux-upgrade-graalvm22-ce-17-pythonoracle-linux-upgrade-graalvm22-ce-17-python-develoracle-linux-upgrade-graalvm22-ce-17-rubyoracle-linux-upgrade-graalvm22-ce-17-ruby-develoracle-linux-upgrade-graalvm22-ce-17-toolsoracle-linux-upgrade-graalvm22-ce-17-wasmoracle-linux-upgrade-java-11-openjdkoracle-linux-upgrade-java-11-openjdk-demooracle-linux-upgrade-java-11-openjdk-demo-fastdebugoracle-linux-upgrade-java-11-openjdk-demo-slowdebugoracle-linux-upgrade-java-11-openjdk-develoracle-linux-upgrade-java-11-openjdk-devel-fastdebugoracle-linux-upgrade-java-11-openjdk-devel-slowdebugoracle-linux-upgrade-java-11-openjdk-fastdebugoracle-linux-upgrade-java-11-openjdk-headlessoracle-linux-upgrade-java-11-openjdk-headless-fastdebugoracle-linux-upgrade-java-11-openjdk-headless-slowdebugoracle-linux-upgrade-java-11-openjdk-javadocoracle-linux-upgrade-java-11-openjdk-javadoc-ziporacle-linux-upgrade-java-11-openjdk-jmodsoracle-linux-upgrade-java-11-openjdk-jmods-fastdebugoracle-linux-upgrade-java-11-openjdk-jmods-slowdebugoracle-linux-upgrade-java-11-openjdk-slowdebugoracle-linux-upgrade-java-11-openjdk-srcoracle-linux-upgrade-java-11-openjdk-src-fastdebugoracle-linux-upgrade-java-11-openjdk-src-slowdebugoracle-linux-upgrade-java-11-openjdk-static-libsoracle-linux-upgrade-java-11-openjdk-static-libs-fastdebugoracle-linux-upgrade-java-11-openjdk-static-libs-slowdebugoracle-linux-upgrade-java-17-openjdkoracle-linux-upgrade-java-17-openjdk-demooracle-linux-upgrade-java-17-openjdk-demo-fastdebugoracle-linux-upgrade-java-17-openjdk-demo-slowdebugoracle-linux-upgrade-java-17-openjdk-develoracle-linux-upgrade-java-17-openjdk-devel-fastdebugoracle-linux-upgrade-java-17-openjdk-devel-slowdebugoracle-linux-upgrade-java-17-openjdk-fastdebugoracle-linux-upgrade-java-17-openjdk-headlessoracle-linux-upgrade-java-17-openjdk-headless-fastdebugoracle-linux-upgrade-java-17-openjdk-headless-slowdebugoracle-linux-upgrade-java-17-openjdk-javadocoracle-linux-upgrade-java-17-openjdk-javadoc-ziporacle-linux-upgrade-java-17-openjdk-jmodsoracle-linux-upgrade-java-17-openjdk-jmods-fastdebugoracle-linux-upgrade-java-17-openjdk-jmods-slowdebugoracle-linux-upgrade-java-17-openjdk-slowdebugoracle-linux-upgrade-java-17-openjdk-srcoracle-linux-upgrade-java-17-openjdk-src-fastdebugoracle-linux-upgrade-java-17-openjdk-src-slowdebugoracle-linux-upgrade-java-17-openjdk-static-libsoracle-linux-upgrade-java-17-openjdk-static-libs-fastdebugoracle-linux-upgrade-java-17-openjdk-static-libs-slowdebugoracle-linux-upgrade-java-1-8-0-openjdkoracle-linux-upgrade-java-1-8-0-openjdk-accessibilityoracle-linux-upgrade-java-1-8-0-openjdk-accessibility-fastdebugoracle-linux-upgrade-java-1-8-0-openjdk-accessibility-slowdebugoracle-linux-upgrade-java-1-8-0-openjdk-demooracle-linux-upgrade-java-1-8-0-openjdk-demo-fastdebugoracle-linux-upgrade-java-1-8-0-openjdk-demo-slowdebugoracle-linux-upgrade-java-1-8-0-openjdk-develoracle-linux-upgrade-java-1-8-0-openjdk-devel-fastdebugoracle-linux-upgrade-java-1-8-0-openjdk-devel-slowdebugoracle-linux-upgrade-java-1-8-0-openjdk-fastdebugoracle-linux-upgrade-java-1-8-0-openjdk-headlessoracle-linux-upgrade-java-1-8-0-openjdk-headless-fastdebugoracle-linux-upgrade-java-1-8-0-openjdk-headless-slowdebugoracle-linux-upgrade-java-1-8-0-openjdk-javadocoracle-linux-upgrade-java-1-8-0-openjdk-javadoc-ziporacle-linux-upgrade-java-1-8-0-openjdk-slowdebugoracle-linux-upgrade-java-1-8-0-openjdk-srcoracle-linux-upgrade-java-1-8-0-openjdk-src-fastdebugoracle-linux-upgrade-java-1-8-0-openjdk-src-slowdebug
References
- CVE-2022-34169
- https://attackerkb.com/topics/CVE-2022-34169
- ELSA-ELSA-2022-5696
- ELSA-ELSA-2022-9653
- ELSA-ELSA-2022-9645
- ELSA-ELSA-2022-5698
- ELSA-ELSA-2022-9655
- ELSA-ELSA-2022-9648
- ELSA-ELSA-2022-9644
- ELSA-ELSA-2022-9656
- ELSA-ELSA-2022-9652
- ELSA-ELSA-2022-9647
- ELSA-ELSA-2022-5695
- ELSA-ELSA-2022-9650
- ELSA-ELSA-2022-9643
- ELSA-ELSA-2022-5726
- ELSA-ELSA-2022-9642
- ELSA-ELSA-2022-9649
- ELSA-ELSA-2022-5736
- ELSA-ELSA-2022-9651
- ELSA-ELSA-2022-5709
- ELSA-ELSA-2022-9646
- ELSA-ELSA-2022-5683
- ELSA-ELSA-2022-5687
- ELSA-ELSA-2022-9641
- ELSA-ELSA-2022-9654
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.