Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/xalan/xalan@2.7.2
Typemaven
Namespacexalan
Namexalan
Version2.7.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.7.3
Latest_non_vulnerable_version2.7.3
Affected_by_vulnerabilities
0
url VCID-rfs8-njaq-qkc8
vulnerability_id VCID-rfs8-njaq-qkc8
summary 
Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.

A fix for this issue was published in September 2022 as part of an anticipated 2.7.3 release.
references
0
reference_url http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-34169
reference_id
reference_type
scores
0
value 0.06658
scoring_system epss
scoring_elements 0.91215
published_at 2026-04-13T12:55:00Z
1
value 0.06658
scoring_system epss
scoring_elements 0.91216
published_at 2026-04-12T12:55:00Z
2
value 0.06658
scoring_system epss
scoring_elements 0.91212
published_at 2026-04-11T12:55:00Z
3
value 0.06658
scoring_system epss
scoring_elements 0.91206
published_at 2026-04-09T12:55:00Z
4
value 0.06658
scoring_system epss
scoring_elements 0.91199
published_at 2026-04-08T12:55:00Z
5
value 0.06658
scoring_system epss
scoring_elements 0.91186
published_at 2026-04-07T12:55:00Z
6
value 0.06658
scoring_system epss
scoring_elements 0.9124
published_at 2026-04-21T12:55:00Z
7
value 0.06658
scoring_system epss
scoring_elements 0.91239
published_at 2026-04-18T12:55:00Z
8
value 0.08992
scoring_system epss
scoring_elements 0.92585
published_at 2026-04-02T12:55:00Z
9
value 0.08992
scoring_system epss
scoring_elements 0.92592
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-34169
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://gitbox.apache.org/repos/asf?p=xalan-java.git
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://gitbox.apache.org/repos/asf?p=xalan-java.git
9
reference_url https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81
10
reference_url https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573
11
reference_url https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21
12
reference_url https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw
13
reference_url https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8
14
reference_url https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471
15
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-34169
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-34169
29
reference_url https://security.gentoo.org/glsa/202401-25
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202401-25
30
reference_url https://security.netapp.com/advisory/ntap-20220729-0009
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220729-0009
31
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
32
reference_url https://www.debian.org/security/2022/dsa-5188
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5188
33
reference_url https://www.debian.org/security/2022/dsa-5192
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5192
34
reference_url https://www.debian.org/security/2022/dsa-5256
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5256
35
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
36
reference_url https://xalan.apache.org
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://xalan.apache.org
37
reference_url http://www.openwall.com/lists/oss-security/2022/07/19/5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/07/19/5
38
reference_url http://www.openwall.com/lists/oss-security/2022/07/19/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/07/19/6
39
reference_url http://www.openwall.com/lists/oss-security/2022/07/20/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/07/20/2
40
reference_url http://www.openwall.com/lists/oss-security/2022/07/20/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/07/20/3
41
reference_url http://www.openwall.com/lists/oss-security/2022/10/18/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/10/18/2
42
reference_url http://www.openwall.com/lists/oss-security/2022/11/04/8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/04/8
43
reference_url http://www.openwall.com/lists/oss-security/2022/11/07/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/11/07/2
44
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860
reference_id 1015860
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860
45
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2108554
reference_id 2108554
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2108554
46
reference_url https://github.com/advisories/GHSA-9339-86wc-4qgf
reference_id GHSA-9339-86wc-4qgf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9339-86wc-4qgf
47
reference_url https://security.gentoo.org/glsa/202405-16
reference_id GLSA-202405-16
reference_type
scores
url https://security.gentoo.org/glsa/202405-16
48
reference_url https://access.redhat.com/errata/RHSA-2022:5681
reference_id RHSA-2022:5681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5681
49
reference_url https://access.redhat.com/errata/RHSA-2022:5683
reference_id RHSA-2022:5683
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5683
50
reference_url https://access.redhat.com/errata/RHSA-2022:5684
reference_id RHSA-2022:5684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5684
51
reference_url https://access.redhat.com/errata/RHSA-2022:5685
reference_id RHSA-2022:5685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5685
52
reference_url https://access.redhat.com/errata/RHSA-2022:5687
reference_id RHSA-2022:5687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5687
53
reference_url https://access.redhat.com/errata/RHSA-2022:5695
reference_id RHSA-2022:5695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5695
54
reference_url https://access.redhat.com/errata/RHSA-2022:5696
reference_id RHSA-2022:5696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5696
55
reference_url https://access.redhat.com/errata/RHSA-2022:5697
reference_id RHSA-2022:5697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5697
56
reference_url https://access.redhat.com/errata/RHSA-2022:5698
reference_id RHSA-2022:5698
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5698
57
reference_url https://access.redhat.com/errata/RHSA-2022:5700
reference_id RHSA-2022:5700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5700
58
reference_url https://access.redhat.com/errata/RHSA-2022:5701
reference_id RHSA-2022:5701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5701
59
reference_url https://access.redhat.com/errata/RHSA-2022:5709
reference_id RHSA-2022:5709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5709
60
reference_url https://access.redhat.com/errata/RHSA-2022:5726
reference_id RHSA-2022:5726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5726
61
reference_url https://access.redhat.com/errata/RHSA-2022:5736
reference_id RHSA-2022:5736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5736
62
reference_url https://access.redhat.com/errata/RHSA-2022:5753
reference_id RHSA-2022:5753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5753
63
reference_url https://access.redhat.com/errata/RHSA-2022:5754
reference_id RHSA-2022:5754
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5754
64
reference_url https://access.redhat.com/errata/RHSA-2022:5755
reference_id RHSA-2022:5755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5755
65
reference_url https://access.redhat.com/errata/RHSA-2022:5756
reference_id RHSA-2022:5756
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5756
66
reference_url https://access.redhat.com/errata/RHSA-2022:5757
reference_id RHSA-2022:5757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5757
67
reference_url https://access.redhat.com/errata/RHSA-2022:5758
reference_id RHSA-2022:5758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5758
68
reference_url https://access.redhat.com/errata/RHSA-2024:3708
reference_id RHSA-2024:3708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3708
69
reference_url https://usn.ubuntu.com/5546-1/
reference_id USN-5546-1
reference_type
scores
url https://usn.ubuntu.com/5546-1/
70
reference_url https://usn.ubuntu.com/5546-2/
reference_id USN-5546-2
reference_type
scores
url https://usn.ubuntu.com/5546-2/
fixed_packages
0
url pkg:maven/xalan/xalan@2.7.3
purl pkg:maven/xalan/xalan@2.7.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xalan/xalan@2.7.3
aliases CVE-2022-34169, GHSA-9339-86wc-4qgf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rfs8-njaq-qkc8
Fixing_vulnerabilities
0
url VCID-kcrm-j8h2-8qbt
vulnerability_id VCID-kcrm-j8h2-8qbt
summary The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0348.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0348.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1351.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1351.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-1888.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1888.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0107.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0107.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0107
reference_id
reference_type
scores
0
value 0.08846
scoring_system epss
scoring_elements 0.92559
published_at 2026-04-21T12:55:00Z
1
value 0.08846
scoring_system epss
scoring_elements 0.92513
published_at 2026-04-02T12:55:00Z
2
value 0.08846
scoring_system epss
scoring_elements 0.9252
published_at 2026-04-04T12:55:00Z
3
value 0.08846
scoring_system epss
scoring_elements 0.92546
published_at 2026-04-12T12:55:00Z
4
value 0.08846
scoring_system epss
scoring_elements 0.92538
published_at 2026-04-09T12:55:00Z
5
value 0.08846
scoring_system epss
scoring_elements 0.92545
published_at 2026-04-13T12:55:00Z
6
value 0.08846
scoring_system epss
scoring_elements 0.92522
published_at 2026-04-07T12:55:00Z
7
value 0.08846
scoring_system epss
scoring_elements 0.92508
published_at 2026-04-01T12:55:00Z
8
value 0.08846
scoring_system epss
scoring_elements 0.92534
published_at 2026-04-08T12:55:00Z
9
value 0.08846
scoring_system epss
scoring_elements 0.92556
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0107
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/92023
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/92023
7
reference_url https://github.com/apache/xalan-java
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/xalan-java
8
reference_url https://github.com/apache/xalan-j/commit/cbfd906cc5a1f1566fa1a98400c82e56077fae0c
reference_id
reference_type
scores
url https://github.com/apache/xalan-j/commit/cbfd906cc5a1f1566fa1a98400c82e56077fae0c
9
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
10
reference_url https://issues.apache.org/jira/browse/XALANJ-2435
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/XALANJ-2435
11
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r0c00afcab8f238562e27b3ae7b8af1913c62bc60838fb8b34c19e26b@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0c00afcab8f238562e27b3ae7b8af1913c62bc60838fb8b34c19e26b@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r2900489bc665a2e32d021bb21f6ce2cb8e6bb5973490eebb9a346bca@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2900489bc665a2e32d021bb21f6ce2cb8e6bb5973490eebb9a346bca@%3Cdev.tomcat.apache.org%3E
15
reference_url https://security.gentoo.org/glsa/201604-02
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201604-02
16
reference_url http://svn.apache.org/viewvc?view=revision&revision=1581058
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc?view=revision&revision=1581058
17
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
18
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
19
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
20
reference_url https://www.tenable.com/security/tns-2018-15
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2018-15
21
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21674334
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21674334
22
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21676093
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21676093
23
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21677145
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21677145
24
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21680703
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21680703
25
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21681933
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21681933
26
reference_url http://www.debian.org/security/2014/dsa-2886
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2886
27
reference_url http://www.ibm.com/support/docview.wss?uid=swg21677967
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ibm.com/support/docview.wss?uid=swg21677967
28
reference_url http://www.ocert.org/advisories/ocert-2014-002.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ocert.org/advisories/ocert-2014-002.html
29
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
30
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1080248
reference_id 1080248
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1080248
32
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742577
reference_id 742577
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742577
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0107
reference_id CVE-2014-0107
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0107
34
reference_url https://github.com/advisories/GHSA-rc2w-r4jq-7pfx
reference_id GHSA-rc2w-r4jq-7pfx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rc2w-r4jq-7pfx
35
reference_url https://access.redhat.com/errata/RHSA-2014:0348
reference_id RHSA-2014:0348
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0348
36
reference_url https://access.redhat.com/errata/RHSA-2014:0453
reference_id RHSA-2014:0453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0453
37
reference_url https://access.redhat.com/errata/RHSA-2014:0454
reference_id RHSA-2014:0454
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0454
38
reference_url https://access.redhat.com/errata/RHSA-2014:0590
reference_id RHSA-2014:0590
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0590
39
reference_url https://access.redhat.com/errata/RHSA-2014:0591
reference_id RHSA-2014:0591
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0591
40
reference_url https://access.redhat.com/errata/RHSA-2014:0818
reference_id RHSA-2014:0818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0818
41
reference_url https://access.redhat.com/errata/RHSA-2014:0819
reference_id RHSA-2014:0819
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0819
42
reference_url https://access.redhat.com/errata/RHSA-2014:1007
reference_id RHSA-2014:1007
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1007
43
reference_url https://access.redhat.com/errata/RHSA-2014:1059
reference_id RHSA-2014:1059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1059
44
reference_url https://access.redhat.com/errata/RHSA-2014:1290
reference_id RHSA-2014:1290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1290
45
reference_url https://access.redhat.com/errata/RHSA-2014:1291
reference_id RHSA-2014:1291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1291
46
reference_url https://access.redhat.com/errata/RHSA-2014:1351
reference_id RHSA-2014:1351
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1351
47
reference_url https://access.redhat.com/errata/RHSA-2014:1369
reference_id RHSA-2014:1369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1369
48
reference_url https://access.redhat.com/errata/RHSA-2014:1995
reference_id RHSA-2014:1995
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1995
49
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
50
reference_url https://access.redhat.com/errata/RHSA-2015:1888
reference_id RHSA-2015:1888
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1888
51
reference_url https://usn.ubuntu.com/2218-1/
reference_id USN-2218-1
reference_type
scores
url https://usn.ubuntu.com/2218-1/
fixed_packages
0
url pkg:maven/xalan/xalan@2.7.2
purl pkg:maven/xalan/xalan@2.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rfs8-njaq-qkc8
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/xalan/xalan@2.7.2
aliases CVE-2014-0107, GHSA-rc2w-r4jq-7pfx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcrm-j8h2-8qbt
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/xalan/xalan@2.7.2