
Rewterz Threat Advisory – CVE-2022-34169 – Apache Xalan Java XSLT library Vulnerability

Severity

High

Analysis Summary

CVE-2022-34169

An integer truncation issue in the Apache Xalan Java XSLT library, triggered when the library processes malicious XSLT stylesheets, could allow a remote attacker to execute arbitrary code on the system. An attacker could exploit this vulnerability by supplying a specially crafted XSLT stylesheet.

Impact

  • Code Execution

Indicators Of Compromise

CVE

  • CVE-2022-34169

Affected Vendors

Apache

Affected Products

Apache Xalan Java XSLT library

Remediation

Refer to the Apache Security Advisory for patch, upgrade, or suggested workaround information.

Apache Security Advisory