Unity Linux 20.1060e / 20.1070e Security Update: xerces-j2 (UTSA-2026-016680)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016680 advisory. There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser t...

MiracleLinux 4 : xerces-j2-2.7.1-12.6.AXS4 (AXSA:2013-718:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-718:01 advisory. The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition DTD defines the legal syntax and also...

MiracleLinux 3 : xerces-j2-2.7.1-7jpp.2.3AXS3 (AXSA:2009-426:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-426:01 advisory. Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces...

Linux Distros Unpatched Vulnerability : CVE-2022-23437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML...

Medium: xerces-j2

Issue Overview: Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service CPU consumption via a crafted message to an XML service, which triggers hash table collisions. CVE-2012-0881 There's a vulnerability within the Apache Xerces Java XercesJ XML parser when...

SUSE CVE-2009-2625

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service infinite loop and application hang via malformed XML input, as...

SUSE CVE-2013-4002

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment JRE in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlie...

SUSE CVE-2022-23437

There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present withi...

xerces-j2: infinite loop when handling specially crafted XML document payloads

A flaw was found in the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This issue causes the XercesJ XML parser to wait in an infinite loop, which may consume system resources for a prolonged duration, leading to a denial of service condition...

xerces-j2: infinite loop when handling specially crafted XML document payloads

A flaw was found in the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This issue causes the XercesJ XML parser to wait in an infinite loop, which may consume system resources for a prolonged duration, leading to a denial of service condition...

xerces-j2: infinite loop when handling specially crafted XML document payloads

A flaw was found in the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This issue causes the XercesJ XML parser to wait in an infinite loop, which may consume system resources for a prolonged duration, leading to a denial of service condition...

EulerOS 2.0 SP3 : xerces-j2 (EulerOS-SA-2022-1772)

According to the versions of the xerces-j2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, t...

Huawei EulerOS: Security Advisory for xerces-j2 (EulerOS-SA-2022-1772)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2022-1625 xerces-j2 security update

Welcome to the future! Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface XNI, a complete framework for building parser components and configurations that is extremely modul...

EulerOS 2.0 SP5 : xerces-j2 (EulerOS-SA-2022-1555)

According to the versions of the xerces-j2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, t...

Huawei EulerOS: Security Advisory for xerces-j2 (EulerOS-SA-2022-1555)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : xerces-j2 (EulerOS-SA-2022-1592)

According to the versions of the xerces-j2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, t...

GHSA-XXX9-3XCR-GJJ3 XML Injection in Xerces Java affects Nokogiri

Summary Nokogiri v1.13.4 updates the vendored xerces:xercesImpl from 2.12.0 to 2.12.2, which addresses CVE-2022-23437. That CVE is scored as CVSS 6.5 "Medium" on the NVD record. Please note that this advisory only applies to the JRuby implementation of Nokogiri = v1.13.4. Impact CVE-2022-23437 in...

XML Injection in Xerces Java affects Nokogiri

Summary Nokogiri v1.13.4 updates the vendored xerces:xercesImpl from 2.12.0 to 2.12.2, which addresses CVE-2022-23437. That CVE is scored as CVSS 6.5 "Medium" on the NVD record. Please note that this advisory only applies to the JRuby implementation of Nokogiri = v1.13.4. Impact CVE-2022-23437 in...

XML Injection in Xerces Java affects Nokogiri

Summary Nokogiri v1.13.4 updates the vendored xerces:xercesImpl from 2.12.0 to 2.12.2, which addresses CVE-2022-23437. That CVE is scored as CVSS 6.5 "Medium" on the NVD record. Please note that this advisory only applies to the JRuby implementation of Nokogiri = v1.13.4. Impact CVE-2022-23437 in...