Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/xalan/xalan@2.7.3
purl pkg:maven/xalan/xalan@2.7.3
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-rfs8-njaq-qkc8 Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. A fix for this issue was published in September 2022 as part of an anticipated 2.7.3 release. CVE-2022-34169
GHSA-9339-86wc-4qgf

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:05:55.952754+00:00 GitLab Importer Fixing VCID-rfs8-njaq-qkc8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/xalan/xalan/CVE-2022-34169.yml 38.4.0
2026-04-11T23:21:56.605846+00:00 GitLab Importer Fixing VCID-rfs8-njaq-qkc8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/xalan/xalan/CVE-2022-34169.yml 38.3.0
2026-04-02T23:28:46.504584+00:00 GitLab Importer Fixing VCID-rfs8-njaq-qkc8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/xalan/xalan/CVE-2022-34169.yml 38.1.0
2026-04-01T17:50:01.766442+00:00 GitLab Importer Fixing VCID-rfs8-njaq-qkc8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/xalan/xalan/CVE-2022-34169.yml 38.0.0
2026-04-01T16:02:50.359664+00:00 GHSA Importer Fixing VCID-rfs8-njaq-qkc8 https://github.com/advisories/GHSA-9339-86wc-4qgf 38.0.0
2026-04-01T13:07:24.872022+00:00 GithubOSV Importer Fixing VCID-rfs8-njaq-qkc8 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-9339-86wc-4qgf/GHSA-9339-86wc-4qgf.json 38.0.0