Details
-
Improvement
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
None
-
None
Description
Several extension components, including Scripting Processors and Media Processors, depend on Xerces 2.12.1, which is vulnerable to resource exhaustion when parsing crafted XML documents, as described in CVE-2022-23437.
Xerces 2.12.2 addresses CVE-2022-23437.
Attachments
Issue Links
- links to