what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

CVE-2022-34169

Status Candidate

Overview

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.

Related Files

Red Hat Security Advisory 2024-3708-03
Posted Jun 7, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3708-03 - Red Hat build of Apache Camel 3.20.6 for Spring Boot release and security update is now available. Issues addressed include denial of service and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-34169
SHA-256 | b794296cca4b6aa13afde5d60ad1c34a0963ff7fe6b00619c406d20379fd0301
Gentoo Linux Security Advisory 202405-16
Posted May 6, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202405-16 - A vulnerability has been discovered in Apache Commons BCEL, which can lead to remote code execution. Versions greater than or equal to 6.6.0 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2022-34169, CVE-2022-42920
SHA-256 | 7f322fd49353c7dc30ad72c75bda0f014790e3f0929a1b292d08c8aea0d57b2d
Gentoo Linux Security Advisory 202401-25
Posted Jan 17, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-25 - Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution. Versions greater than or equal to 11.0.19_p7:11 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-34169, CVE-2022-39399, CVE-2022-42920, CVE-2023-21830, CVE-2023-21835, CVE-2023-21843
SHA-256 | 0a4fe242d77ea01ee2a725ae008fbefb532aeaf7181a2f1427c642180897d42f
Red Hat Security Advisory 2022-6263-01
Posted Sep 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6263-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.61. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2022-1353, CVE-2022-21540, CVE-2022-21541, CVE-2022-2526, CVE-2022-29154, CVE-2022-34169
SHA-256 | f81d6d7743dfee9d3117b3d90921d3f45e47a85facb6f384cd437bf521688c88
Red Hat Security Advisory 2022-6262-01
Posted Sep 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6262-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.61. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-39226, CVE-2022-1353, CVE-2022-21540, CVE-2022-21541, CVE-2022-2526, CVE-2022-29154, CVE-2022-30631, CVE-2022-34169
SHA-256 | 72548ddc1adb7743918cfe4de6f5c9572a4cdabfee46870057e2ef7ea8b5251e
Xalan-J XSLTC Integer Truncation
Posted Aug 26, 2022
Authored by Google Security Research, Felix Wilhelm

The Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.

tags | exploit, java, arbitrary
advisories | CVE-2022-34169
SHA-256 | 2ba78b07aefa0b49411c9850601bb70eafd9ced41709aea21651ae90f931e2ad
Red Hat Security Advisory 2022-6053-01
Posted Aug 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.56.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-29368, CVE-2021-4197, CVE-2021-4203, CVE-2022-1012, CVE-2022-1729, CVE-2022-21540, CVE-2022-21541, CVE-2022-30631, CVE-2022-32250, CVE-2022-34169
SHA-256 | a7ccf49e5d5fabb893201270bb9b906591faff1cc62baab74a3927a8077a758c
Red Hat Security Advisory 2022-5879-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5879-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.45.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-29368, CVE-2021-4197, CVE-2021-4203, CVE-2022-1012, CVE-2022-1729, CVE-2022-21540, CVE-2022-21541, CVE-2022-2403, CVE-2022-32250, CVE-2022-34169
SHA-256 | 954ba3d44e847b38ef08b306ba9eb1fd6b913c197417c0c9e44eb925170f6b84
Ubuntu Security Notice USN-5546-1
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5546-1 - Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 84c887787fbc010de3680aa29d38e80563065655d3f3e4aab5622447751585c1
Ubuntu Security Notice USN-5546-2
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5546-2 - USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 87c3a989ef7c811d1439e85194a5e4c23b3972fb68b3f204b750638318cec97c
Red Hat Security Advisory 2022-5730-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5730-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.25.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-29368, CVE-2021-4197, CVE-2021-4203, CVE-2022-1012, CVE-2022-1729, CVE-2022-21540, CVE-2022-21541, CVE-2022-23772, CVE-2022-24675, CVE-2022-24921, CVE-2022-32250, CVE-2022-34169
SHA-256 | e525d06407e4223a8a0233610319ed4f467126b67fe9026741ae52cbd2b2d4e3
Red Hat Security Advisory 2022-5756-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5756-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | f52d40865e6e2b5dc6f79db2e53b46eedf52acbbd8396c1f11dd57f9e5c9be24
Red Hat Security Advisory 2022-5736-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5736-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | b66cd98c78dd60c3c02ba788ca87f0a5946d2153bacdf3a63a5a2670ad03b049
Red Hat Security Advisory 2022-5757-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5757-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | fbc6977854b35380ab268b6817556c6ff587166034c887f15ad8178f74be7a03
Red Hat Security Advisory 2022-5755-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5755-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | dde69b3a3d34278274a38d493cdc50add579cca9418af76873b040d0b3336a83
Red Hat Security Advisory 2022-5758-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5758-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | f9d354777dd10a4d576c7f92cad0e774d1b70f6fb7ca65cb496e9dc5f24a4088
Red Hat Security Advisory 2022-5753-01
Posted Jul 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5753-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | f8378570cf35560179a4d3e79ab2bdff5edbdb9ae5318dc950cbf998c4e25013
Red Hat Security Advisory 2022-5754-01
Posted Jul 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5754-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 26f47682777977fda3a4989390cfccb9c0053ddf9c75c92ad2fd0395143846ef
Debian Security Advisory 5188-1
Posted Jul 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5188-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox.

tags | advisory, java, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 29a0f917abc74366db286b0e2c728ac6e60841d4121d88dfe35fd0c63c99122a
Debian Security Advisory 5192-1
Posted Jul 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5192-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox.

tags | advisory, java, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | c43d3f47904bf1622399c5f254c0b94f22c3a33cfcc6a1dd53dd9f101969be72
Red Hat Security Advisory 2022-5681-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5681-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 4022493c00df8ae363197d2c710c457926d223048324cd790dacad028a8b3305
Red Hat Security Advisory 2022-5709-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5709-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 0590bf17699e24ac6659ca7ff1cd73a1fbefeec4bcbbb1a851cc93d8cf499ea3
Red Hat Security Advisory 2022-5687-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5687-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | f42784214e4f975e5fc3ba315b4d3501faca7e6c8ae7430df79b5a998e4ae286
Red Hat Security Advisory 2022-5685-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5685-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 63d02547aae9a2bcd50e5edc27c7bf212eb066f42de7cc7b377f432bcc2d9de0
Red Hat Security Advisory 2022-5683-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5683-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 73750c2a904c808e10702e120e36799a1cddef2042e8b560bec52e4d6948bdab
Page 1 of 2
Back12Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close