Lucene search
+L

CVE-2022-34169

🗓️ 19 Jul 2022 00:00:00Reported by apacheType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 10 Media mentions👁 679 Views🌐 WEB

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing maliciou

Related
Detection
Affected
Refs
Paths
Social
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for June 2023
30 Jun 202315:51
ibm
IBM Security Bulletins
Security Bulletin: Rational Performance Tester contains a vulnerability which could lead to potential remote code execution
2 Jan 202618:17
ibm
IBM Security Bulletins
Security Bulletin: IBM Content Navigator is affect my Apache Xalan
30 Mar 202609:01
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability found in Apache Xalan Java XSLT library may affect IBM Enterprise Records
20 Oct 202211:30
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities may affect IBM® Semeru Runtime
7 Sep 202210:52
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data
15 Apr 202502:34
ibm
IBM Security Bulletins
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
13 Mar 202410:54
ibm
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for March 2024.
15 Apr 202502:17
ibm
IBM Security Bulletins
Security Bulletin: IBM Cloud Pak for Network Automation 2.5.0 fixes multiple security vulnerabilities
20 Jun 202308:52
ibm
IBM Security Bulletins
Security Bulletin: IBM Planning Analytics Workspace is affected but not considered vulnerable to multiple vulnerabilities
26 Mar 202504:04
ibm
Rows per page
NVD
Vulners
Node
apachexalan-javaRange2.7.2
Node
Node
OR
oraclegraalvmMatch20.3.6enterprise
oraclegraalvmMatch21.3.2enterprise
oraclegraalvmMatch22.1.0enterprise
oraclejdkMatch1.7.0update343
oraclejdkMatch1.8.0update333
oraclejdkMatch11.0.15.1
oraclejdkMatch17.0.3.1
oraclejdkMatch18.0.1.1
oraclejreMatch1.7.0update343
oraclejreMatch1.8.0update333
oraclejreMatch11.0.15.1
oraclejreMatch17.0.3.1
oraclejreMatch18.0.1.1
Node
OR
oracleopenjdkRange1111.0.15
oracleopenjdkRange1313.0.11
oracleopenjdkRange1515.0.7
oracleopenjdkRange1717.0.3
oracleopenjdkMatch7update1
oracleopenjdkMatch7update10
oracleopenjdkMatch7update101
oracleopenjdkMatch7update11
oracleopenjdkMatch7update111
oracleopenjdkMatch7update121
oracleopenjdkMatch7update13
oracleopenjdkMatch7update131
oracleopenjdkMatch7update141
oracleopenjdkMatch7update15
oracleopenjdkMatch7update151
oracleopenjdkMatch7update161
oracleopenjdkMatch7update17
oracleopenjdkMatch7update171
oracleopenjdkMatch7update181
oracleopenjdkMatch7update191
oracleopenjdkMatch7update2
oracleopenjdkMatch7update201
oracleopenjdkMatch7update21
oracleopenjdkMatch7update211
oracleopenjdkMatch7update221
oracleopenjdkMatch7update231
oracleopenjdkMatch7update241
oracleopenjdkMatch7update25
oracleopenjdkMatch7update251
oracleopenjdkMatch7update261
oracleopenjdkMatch7update271
oracleopenjdkMatch7update281
oracleopenjdkMatch7update291
oracleopenjdkMatch7update3
oracleopenjdkMatch7update301
oracleopenjdkMatch7update311
oracleopenjdkMatch7update321
oracleopenjdkMatch7update4
oracleopenjdkMatch7update40
oracleopenjdkMatch7update45
oracleopenjdkMatch7update5
oracleopenjdkMatch7update51
oracleopenjdkMatch7update55
oracleopenjdkMatch7update6
oracleopenjdkMatch7update60
oracleopenjdkMatch7update65
oracleopenjdkMatch7update67
oracleopenjdkMatch7update7
oracleopenjdkMatch7update72
oracleopenjdkMatch7update76
oracleopenjdkMatch7update80
oracleopenjdkMatch7update85
oracleopenjdkMatch7update9
oracleopenjdkMatch7update91
oracleopenjdkMatch7update95
oracleopenjdkMatch7update97
oracleopenjdkMatch7update99
oracleopenjdkMatch8milestone1
oracleopenjdkMatch8milestone2
oracleopenjdkMatch8milestone3
oracleopenjdkMatch8milestone4
oracleopenjdkMatch8milestone5
oracleopenjdkMatch8milestone6
oracleopenjdkMatch8milestone7
oracleopenjdkMatch8milestone8
oracleopenjdkMatch8milestone9
oracleopenjdkMatch8update101
oracleopenjdkMatch8update102
oracleopenjdkMatch8update11
oracleopenjdkMatch8update111
oracleopenjdkMatch8update112
oracleopenjdkMatch8update121
oracleopenjdkMatch8update131
oracleopenjdkMatch8update141
oracleopenjdkMatch8update151
oracleopenjdkMatch8update152
oracleopenjdkMatch8update161
oracleopenjdkMatch8update162
oracleopenjdkMatch8update171
oracleopenjdkMatch8update172
oracleopenjdkMatch8update181
oracleopenjdkMatch8update191
oracleopenjdkMatch8update192
oracleopenjdkMatch8update20
oracleopenjdkMatch8update201
oracleopenjdkMatch8update202
oracleopenjdkMatch8update211
oracleopenjdkMatch8update212
oracleopenjdkMatch8update221
oracleopenjdkMatch8update222
oracleopenjdkMatch8update231
oracleopenjdkMatch8update232
oracleopenjdkMatch8update241
oracleopenjdkMatch8update242
oracleopenjdkMatch8update25
oracleopenjdkMatch8update252
oracleopenjdkMatch8update262
oracleopenjdkMatch8update271
oracleopenjdkMatch8update281
oracleopenjdkMatch8update282
oracleopenjdkMatch8update291
oracleopenjdkMatch8update301
oracleopenjdkMatch8update302
oracleopenjdkMatch8update31
oracleopenjdkMatch8update312
oracleopenjdkMatch8update322
oracleopenjdkMatch8update332
oracleopenjdkMatch8update40
oracleopenjdkMatch8update45
oracleopenjdkMatch8update5
oracleopenjdkMatch8update51
oracleopenjdkMatch8update60
oracleopenjdkMatch8update65
oracleopenjdkMatch8update66
oracleopenjdkMatch8update71
oracleopenjdkMatch8update72
oracleopenjdkMatch8update73
oracleopenjdkMatch8update74
oracleopenjdkMatch8update77
oracleopenjdkMatch8update91
oracleopenjdkMatch8update92
Node
OR
azulzuluMatch6.47
azulzuluMatch7.54
azulzuluMatch8.62
azulzuluMatch11.56
azulzuluMatch13.48
azulzuluMatch15.40
azulzuluMatch17.34
azulzuluMatch18.30
[
  {
    "product": "Apache Xalan-J",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "2.7.2",
        "status": "affected",
        "version": "Xalan-J",
        "versionType": "custom"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
Filerequest bodyuploadInteger truncation vulnerability in Apache Xalan Java XSLT processing enabling crafted stylesheet to corrupt generated bytecode and achieve code execution (CVE-2022-34169).CWE-681
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 04:49Current
8.2High risk
Vulners AI Score8.2
CVSS 3.17.5
EPSS0.33623
SSVC
679