Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-23437
HistoryJan 24, 2022 - 3:15 p.m.

Design/Logic Flaw

2022-01-2415:15:00
PRIOn knowledge base
www.prio-n.com
11

6.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.8%

JSON

There’s a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.

Related

suse 2
osv 2
nessus 24
openvas 9
ibm 34
redhatcve 1
ubuntucve 1
cve 1
cnvd 1
veracode 1
github 2
debiancve 1
cvelist 1
nvd 1
rubygems 1
redhat 4
oracle 6
suse
suse
Security update for xerces-j2 (important)
2022-02-18 00:00:00
Security update for xerces-j2 (important)
2022-02-18 00:00:00
osv
osv
XML Injection in Xerces Java affects Nokogiri
2022-04-11 21:30:00
Infinite Loop in Apache Xerces Java
2022-01-27 16:13:07
nessus
nessus
RHEL 9 : xerces-j2 (Unpatched Vulnerability)
2024-06-03 00:00:00
SUSE SLES11 Security Update : xerces-j2 (SUSE-SU-2022:14889-1)
2022-02-19 00:00:00
RHEL 8 : xerces-j2 (Unpatched Vulnerability)
2024-06-03 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:0503-1)
2022-02-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0500-1)
2022-02-19 00:00:00
Huawei EulerOS: Security Advisory for xerces-j2 (EulerOS-SA-2022-1555)
2022-04-25 00:00:00
ibm
ibm
Security Bulletin: IBM TRIRIGA Application Platform discloses use of Apache Xerces (CVE-2022-23437)
2023-08-01 17:17:31
Security Bulletin: IBM Sterling Control Center is vulnerable to a denial of service vulnerability due to Apache Xerces2 Java XML Parser (CVE-2022-23437)
2022-06-13 17:15:01
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Xerces
2022-05-26 01:20:18
redhatcve
redhatcve
CVE-2022-23437
2022-01-27 11:58:37
ubuntucve
ubuntucve
CVE-2022-23437
2022-01-24 00:00:00
cve
cve
CVE-2022-23437
2022-01-24 15:15:09
cnvd
cnvd
Apache Xerces Denial of Service Vulnerability
2022-01-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-01-25 04:25:23
github
github
Infinite Loop in Apache Xerces Java
2022-01-27 16:13:07
XML Injection in Xerces Java affects Nokogiri
2022-04-11 21:30:00
debiancve
debiancve
CVE-2022-23437
2022-01-24 15:15:09
cvelist
cvelist
CVE-2022-23437 Infinite loop within Apache XercesJ xml parser
2022-01-24 00:00:00
nvd
nvd
CVE-2022-23437
2022-01-24 15:15:09
rubygems
rubygems
XML Injection in Xerces Java affects Nokogiri
2022-04-10 21:00:00
redhat
redhat
(RHSA-2022:4922) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update
2022-06-06 15:07:26
(RHSA-2022:4919) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 8
2022-06-06 14:31:32
(RHSA-2022:4918) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7
2022-06-06 14:31:15
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00

6.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.8%

JSON
Related for PRION:CVE-2022-23437
suse2osv2nessus24openvas9ibm34redhatcve1ubuntucve1cve1cnvd1veracode1github2debiancve1cvelist1nvd1rubygems1redhat4oracle6