Search for packages
| purl | pkg:deb/debian/libxalan2-java@2.7.1-9 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1psf-36k5-aaaa | The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function. |
CVE-2014-0107
GHSA-rc2w-r4jq-7pfx |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T13:59:48.546489+00:00 | Debian Oval Importer | Fixing | VCID-1psf-36k5-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T01:12:40.069693+00:00 | Debian Oval Importer | Fixing | VCID-1psf-36k5-aaaa | None | 36.1.3 |
| 2025-06-08T13:11:04.997759+00:00 | Debian Oval Importer | Fixing | VCID-1psf-36k5-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T06:53:56.643668+00:00 | Debian Oval Importer | Fixing | VCID-1psf-36k5-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T18:35:19.820479+00:00 | Debian Oval Importer | Fixing | VCID-1psf-36k5-aaaa | None | 36.1.0 |
| 2025-04-12T18:58:48.474048+00:00 | Debian Oval Importer | Fixing | VCID-1psf-36k5-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T05:26:25.176372+00:00 | Debian Oval Importer | Fixing | VCID-1psf-36k5-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T17:13:04.652148+00:00 | Debian Oval Importer | Fixing | VCID-1psf-36k5-aaaa | None | 36.0.0 |