eap7-xalan-j2 vulnerabilities

Known vulnerabilities in the eap7-xalan-j2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Deserialization of Untrusted Data	<0:2.7.1-38.redhat_00015.1.el7eap
H SQL Injection	<0:2.7.1-38.redhat_00015.1.el7eap
H Improper Input Validation	<0:2.7.1-38.redhat_00015.1.el7eap
H Information Exposure	<0:2.7.1-38.redhat_00015.1.el7eap
H Deserialization of Untrusted Data	<0:2.7.1-38.redhat_00015.1.el7eap
H Server-Side Request Forgery (SSRF)	<0:2.7.1-38.redhat_00015.1.el7eap
H Resource Exhaustion	<0:2.7.1-38.redhat_00015.1.el7eap
H Deserialization of Untrusted Data	<0:2.7.1-38.redhat_00015.1.el7eap
H Uncontrolled Memory Allocation	<0:2.7.1-38.redhat_00015.1.el7eap
H Resource Exhaustion	<0:2.7.1-38.redhat_00015.1.el7eap
H Server-Side Request Forgery (SSRF)	<0:2.7.1-38.redhat_00015.1.el7eap
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<0:2.7.1-38.redhat_00015.1.el7eap
H Deserialization of Untrusted Data	<0:2.7.1-38.redhat_00015.1.el7eap
H HTTP Request Smuggling	<0:2.7.1-26.redhat_00015.1.ep7.el7
H Improper Authentication	<0:2.7.1-26.redhat_00015.1.ep7.el7
H Excessive Platform Resource Consumption within a Loop	<0:2.7.1-37.redhat_00015.1.el7eap
H Allocation of Resources Without Limits or Throttling	<0:2.7.1-37.redhat_00015.1.el7eap
H Resource Exhaustion	<0:2.7.1-37.redhat_00015.1.el7eap
H Cross-site Scripting (XSS)	<0:2.7.1-37.redhat_00015.1.el7eap
H Integer Coercion Error	<0:2.7.1-37.redhat_00015.1.el7eap
H Access Restriction Bypass	<0:2.7.1-25.redhat_11.1.ep7.el7
M Information Exposure	<0:2.7.1-35.redhat_12.1.el7eap
M HTTP Request Smuggling	<0:2.7.1-36.redhat_00013.1.el7eap
M Information Exposure	<0:2.7.1-36.redhat_00013.1.el7eap
H HTTP Response Splitting	<0:2.7.1-25.redhat_11.1.ep7.el7
H CVE-2015-0254	<0:2.7.1-25.redhat_11.1.ep7.el7
M Arbitrary Command Injection	<0:2.7.1-36.redhat_00013.1.el7eap

Vulnerability

Vulnerable Version

Deserialization of Untrusted Data