Apache Xalan-java
2 CVEs affecting Apache Xalan-java. Latest disclosed: 2022-07-19. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-34169 | High | 7.5 | 2022-07-19 | The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java cl… |
CVE-2014-0107 | | 2014-04-15 | The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, whi… |