There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2022-01-24T00:00:00

Updated: 2024-08-03T03:43:45.690Z

Reserved: 2022-01-19T00:00:00

Link: CVE-2022-23437

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-01-24T15:15:09.317

Modified: 2024-11-21T06:48:33.283

Link: CVE-2022-23437

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-01-24T00:00:00Z

Links: CVE-2022-23437 - Bugzilla