There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2022-01-24T00:00:00
Updated: 2024-08-03T03:43:45.690Z
Reserved: 2022-01-19T00:00:00
Link: CVE-2022-23437
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-01-24T15:15:09.317
Modified: 2024-11-21T06:48:33.283
Link: CVE-2022-23437
Redhat