There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
Apache XercesJ users, should migrate to version 2.12.2
References
History
No history.

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2024-08-03T03:43:45.690Z
Reserved: 2022-01-19T00:00:00
Link: CVE-2022-23437

No data.

Status : Modified
Published: 2022-01-24T15:15:09.317
Modified: 2024-11-21T06:48:33.283
Link: CVE-2022-23437


No data.