Showing 1 - 25 of 28

CVE-2022-34169

Status Candidate

Overview

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.

Related Files

Red Hat Security Advisory 2022-6263-01
Posted Sep 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6263-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.61. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2022-1353, CVE-2022-21540, CVE-2022-21541, CVE-2022-2526, CVE-2022-29154, CVE-2022-34169
SHA-256 | f81d6d7743dfee9d3117b3d90921d3f45e47a85facb6f384cd437bf521688c88
Red Hat Security Advisory 2022-6262-01
Posted Sep 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6262-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.61. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-39226, CVE-2022-1353, CVE-2022-21540, CVE-2022-21541, CVE-2022-2526, CVE-2022-29154, CVE-2022-30631, CVE-2022-34169
SHA-256 | 72548ddc1adb7743918cfe4de6f5c9572a4cdabfee46870057e2ef7ea8b5251e
Xalan-J XSLTC Integer Truncation
Posted Aug 26, 2022
Authored by Google Security Research, Felix Wilhelm

The Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.

tags | exploit, java, arbitrary
advisories | CVE-2022-34169
SHA-256 | 2ba78b07aefa0b49411c9850601bb70eafd9ced41709aea21651ae90f931e2ad
Red Hat Security Advisory 2022-6053-01
Posted Aug 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.56.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-29368, CVE-2021-4197, CVE-2021-4203, CVE-2022-1012, CVE-2022-1729, CVE-2022-21540, CVE-2022-21541, CVE-2022-30631, CVE-2022-32250, CVE-2022-34169
SHA-256 | a7ccf49e5d5fabb893201270bb9b906591faff1cc62baab74a3927a8077a758c
Red Hat Security Advisory 2022-5879-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5879-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.45.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-29368, CVE-2021-4197, CVE-2021-4203, CVE-2022-1012, CVE-2022-1729, CVE-2022-21540, CVE-2022-21541, CVE-2022-2403, CVE-2022-32250, CVE-2022-34169
SHA-256 | 954ba3d44e847b38ef08b306ba9eb1fd6b913c197417c0c9e44eb925170f6b84
Ubuntu Security Notice USN-5546-1
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5546-1 - Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 84c887787fbc010de3680aa29d38e80563065655d3f3e4aab5622447751585c1
Ubuntu Security Notice USN-5546-2
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5546-2 - USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 87c3a989ef7c811d1439e85194a5e4c23b3972fb68b3f204b750638318cec97c
Red Hat Security Advisory 2022-5730-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5730-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.25.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-29368, CVE-2021-4197, CVE-2021-4203, CVE-2022-1012, CVE-2022-1729, CVE-2022-21540, CVE-2022-21541, CVE-2022-23772, CVE-2022-24675, CVE-2022-24921, CVE-2022-32250, CVE-2022-34169
SHA-256 | e525d06407e4223a8a0233610319ed4f467126b67fe9026741ae52cbd2b2d4e3
Red Hat Security Advisory 2022-5756-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5756-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | f52d40865e6e2b5dc6f79db2e53b46eedf52acbbd8396c1f11dd57f9e5c9be24
Red Hat Security Advisory 2022-5736-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5736-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | b66cd98c78dd60c3c02ba788ca87f0a5946d2153bacdf3a63a5a2670ad03b049
Red Hat Security Advisory 2022-5757-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5757-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | fbc6977854b35380ab268b6817556c6ff587166034c887f15ad8178f74be7a03
Red Hat Security Advisory 2022-5755-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5755-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | dde69b3a3d34278274a38d493cdc50add579cca9418af76873b040d0b3336a83
Red Hat Security Advisory 2022-5758-01
Posted Aug 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5758-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | f9d354777dd10a4d576c7f92cad0e774d1b70f6fb7ca65cb496e9dc5f24a4088
Red Hat Security Advisory 2022-5753-01
Posted Jul 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5753-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat, windows
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | f8378570cf35560179a4d3e79ab2bdff5edbdb9ae5318dc950cbf998c4e25013
Red Hat Security Advisory 2022-5754-01
Posted Jul 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5754-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 26f47682777977fda3a4989390cfccb9c0053ddf9c75c92ad2fd0395143846ef
Red Hat Security Advisory 2022-5681-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5681-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 4022493c00df8ae363197d2c710c457926d223048324cd790dacad028a8b3305
Red Hat Security Advisory 2022-5709-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5709-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 0590bf17699e24ac6659ca7ff1cd73a1fbefeec4bcbbb1a851cc93d8cf499ea3
Red Hat Security Advisory 2022-5687-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5687-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | f42784214e4f975e5fc3ba315b4d3501faca7e6c8ae7430df79b5a998e4ae286
Red Hat Security Advisory 2022-5685-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5685-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 63d02547aae9a2bcd50e5edc27c7bf212eb066f42de7cc7b377f432bcc2d9de0
Red Hat Security Advisory 2022-5683-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5683-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 73750c2a904c808e10702e120e36799a1cddef2042e8b560bec52e4d6948bdab
Red Hat Security Advisory 2022-5696-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5696-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 90aa442e73f7ca1888abd920923de28833512959df21e95c08d39c4cab915902
Red Hat Security Advisory 2022-5726-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5726-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 6eb27b7dc1c808f4bcad32366c47aa3d773d890869f4e69aed306edaf4b3fbe3
Red Hat Security Advisory 2022-5700-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5700-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 2eb35b2df1cacc4a36a42c332480d92ee22b35a56de488302d470a3f4c9c1fcd
Red Hat Security Advisory 2022-5697-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5697-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | f3812b6fa28c1023509197e21697b43b7de225a6cad32b3c4cd12cde82c5cf72
Red Hat Security Advisory 2022-5695-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5695-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-21540, CVE-2022-21541, CVE-2022-34169
SHA-256 | 9e7bc1d56bc3f5de8e85ed7dc06c90a4a965fbeb55cb00e091f5dfb6ea8220af
© 2022 Packet Storm. All rights reserved.
