{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T08:05:51.336","vulnerabilities":[{"cve":{"id":"CVE-2022-23437","sourceIdentifier":"security@apache.org","published":"2022-01-24T15:15:09.317","lastModified":"2024-11-21T06:48:33.283","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions."},{"lang":"es","value":"Se presenta una vulnerabilidad en el analizador XML de Apache Xerces Java (XercesJ) cuando maneja cargas útiles de documentos XML especialmente diseñados. Esto causa que el analizador XML de XercesJ espere en un bucle infinito, lo que a veces puede consumir recursos del sistema durante un tiempo prolongado. Esta vulnerabilidad está presente en XercesJ versión 2.12.1, y en versiones anteriores"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:C","baseScore":7.1,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:xerces-j:*:*:*:*:*:*:*:*","versionEndIncluding":"2.12.1","matchCriteriaId":"35BFF235-489B-4262-94F4-061317ED4EAE"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*","matchCriteriaId":"80C9DBB8-3D50-4D5D-859A-B022EB7C2E64"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*","matchCriteriaId":"C650FEDB-E903-4C2D-AD40-282AB5F2E3C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.7:*:*:*:*:*:*:*","matchCriteriaId":"ED63D221-31FA-480F-802F-844334F429F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:banking_party_management:2.7.0:*:*:*:*:*:*:*","matchCriteriaId":"C542DC5E-6657-4178-9C69-46FD3C187D56"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*","matchCriteriaId":"3141B86F-838D-491A-A8ED-3B7C54EA89C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"9.0","matchCriteriaId":"02712DD6-D944-4452-8015-000B9851D257"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"9.0","matchCriteriaId":"274BCA96-2E6A-4B77-B69E-E2093A668D28"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"9.0","matchCriteriaId":"8D4B738B-08CF-44F6-A939-39F5BEAF03B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.6.0.0","versionEndIncluding":"8.0.9.0","matchCriteriaId":"E4A07A20-CDE7-40A8-B24A-D4181C4398A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0.0","versionEndExcluding":"8.1.2.0","matchCriteriaId":"83DEEFFB-058D-4ABD-9083-AF70772D7010"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.6.0.0","versionEndIncluding":"8.0.8.0","matchCriteriaId":"147A4225-A2D5-4AA1-96D1-6D95A192B596"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"A4B3A10E-70A8-4332-8567-06AE2C45D3C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*","matchCriteriaId":"059F0D4E-B007-4986-AB95-89F11147CB2B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*","matchCriteriaId":"6CAC78AD-86BB-4F06-B8CF-8E1329987F2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*","matchCriteriaId":"55F091C7-0869-4FD6-AC73-DA697D990304"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*","matchCriteriaId":"4D134C60-F9E2-46C2-8466-DB90AD98439E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.1:*:*:*:*:*:*:*","matchCriteriaId":"C64D669C-513E-4C53-8BB8-13EB336CDC3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"18E7AC20-F70C-4A92-817D-94CE9FB3EB0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.0:*:*:*:*:*:*:*","matchCriteriaId":"F6394E90-2F2C-4955-9F97-BFED76D4333B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.1:*:*:*:*:*:*:*","matchCriteriaId":"5B5DC0C1-789B-4126-8C6D-DEDE83AA2D2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"44563108-AD89-49A0-9FA5-7DE5A5601D2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*","matchCriteriaId":"FCA5DC3F-E7D8-45E3-8114-2213EC631CDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:flexcube_universal_banking:12.4.0:*:*:*:*:*:*:*","matchCriteriaId":"F3D55FB5-8ED8-4797-B5BC-545477AF7347"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:*:*:*:*:*:*:*:*","versionEndExcluding":"13.9.4.2.2","matchCriteriaId":"EE85204F-614D-4EF1-ABEB-B3CD381C2CB0"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:*:*:*:*:*:*:*","matchCriteriaId":"5A6FFB5C-EB44-499F-BE81-24ED2B1F201A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:*","versionEndExcluding":"12.2.0.1.30","matchCriteriaId":"8F0728F8-14D0-4282-9CA7-EFCD68EE77AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:health_sciences_information_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.1","versionEndIncluding":"3.0.5","matchCriteriaId":"D450B848-371E-4401-9DB0-27AF31B5D5EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:health_sciences_information_manager:3.0.0.1:*:*:*:*:*:*:*","matchCriteriaId":"4BE4F581-7DEF-4417-A55D-561BDAC5CA7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:ilearning:6.2:*:*:*:*:*:*:*","matchCriteriaId":"D361A9A8-15B0-4527-868B-80998772F2AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:ilearning:6.3:*:*:*:*:*:*:*","matchCriteriaId":"4A667A37-59EB-4539-ADCA-D5F789DB6744"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*","matchCriteriaId":"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*","matchCriteriaId":"C8AF00C6-B97F-414D-A8DF-057E6BFD8597"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.7","versionEndIncluding":"17.12.11","matchCriteriaId":"A6300315-7816-4F4E-A1C3-99EF5984B94A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"18.8.0","versionEndIncluding":"18.8.14","matchCriteriaId":"F04DF183-EBCB-456E-90F9-A8500E6E32B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"19.12.0","versionEndIncluding":"19.12.13","matchCriteriaId":"8D30B0D1-4466-4601-8822-CE8ADBB381FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"20.12.0","versionEndIncluding":"20.12.8","matchCriteriaId":"0E362FE6-A387-4DFB-ADD7-FB4BAE9DE7CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*","matchCriteriaId":"7F978162-CB2C-4166-947A-9048C6E878BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_bulk_data_integration:16.0.3.0:*:*:*:*:*:*:*","matchCriteriaId":"360B307A-3D7F-4B38-8248-76CF8318B023"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2.8:*:*:*:*:*:*:*","matchCriteriaId":"31FFE404-027E-4B59-B3EF-BD20E1F7EECC"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*","matchCriteriaId":"798E4FEE-9B2B-436E-A2B3-B8AA1079892A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_financial_integration:15.0.3.1:*:*:*:*:*:*:*","matchCriteriaId":"CB86F6C3-981E-4ECA-A5EB-9A9CD73D70C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_financial_integration:16.0.3:*:*:*:*:*:*:*","matchCriteriaId":"6B042849-7EF5-4A5F-B6CD-712C0B8735BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_financial_integration:19.0.1:*:*:*:*:*:*:*","matchCriteriaId":"7435071D-0C95-4686-A978-AFC4C9A0D0FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*","matchCriteriaId":"8CFCE558-9972-46A2-8539-C16044F1BAA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*","matchCriteriaId":"A1194C4E-CF42-4B4D-BA9A-40FDD28F1D58"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_integration_bus:16.0.3:*:*:*:*:*:*:*","matchCriteriaId":"822A3C37-86F2-4E91-BE91-2A859F983941"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_integration_bus:19.0.1:*:*:*:*:*:*:*","matchCriteriaId":"BD311C33-A309-44D5-BBFB-539D72C7F8C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:*:*:*:*:*:*:*","matchCriteriaId":"F8383028-B719-41FD-9B6A-71F8EB4C5F8D"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*","matchCriteriaId":"AE1BC44A-F0AF-41CD-9CEB-B07AB5ADAB38"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:*:*:*:*:*:*:*","matchCriteriaId":"E702EBED-DB39-4084-84B1-258BC5FE7545"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:*:*:*:*:*:*:*","matchCriteriaId":"3F7956BF-D5B6-484B-999C-36B45CD8B75B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_service_backbone:16.0.3:*:*:*:*:*:*:*","matchCriteriaId":"DEE71EA5-B315-4F1E-BFEE-EC426B562F7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_service_backbone:19.0.1:*:*:*:*:*:*:*","matchCriteriaId":"9DA6B655-A445-42E5-B6D9-70AB1C04774A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"F14A818F-AA16-4438-A3E4-E64C9287AC66"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"04BCDC24-4A21-473C-8733-0D9CFB38A752"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","matchCriteriaId":"B55E8D50-99B4-47EC-86F9-699B67D473CE"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2022/01/24/3","source":"security@apache.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread/6pjwm10bb69kq955fzr1n0nflnjd27dl","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20221028-0005/","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2022/01/24/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread/6pjwm10bb69kq955fzr1n0nflnjd27dl","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20221028-0005/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}