[XERCESJ-1757] CVE-2017-10355 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Critical
Resolution: Duplicate
Affects Version/s: 2.12.2
Fix Version/s: None
Component/s: None
Labels:
- security

Flags:

Important

Description

CVE-2017-10355 (OSSINDEX)

sonatype-2017-0348 - xerces:xercesImpl - Denial of Service (DoS) The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.

CWE-833 Deadlock

CVSSv3:

Base Score: MEDIUM (5.9)
Vector: CVSS:/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

OSSINDEX - [CVE-2017-10355] CWE-833: Deadlock
OSSIndex - https://blogs.securiteam.com/index.php/archives/3271

Vulnerable Software & Versions (OSSINDEX):

cpe:2.3:a:xerces:xercesImpl:2.12.2:::::::*

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Danny Trunk

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/Jun/23 14:50

Updated:: 15/Jan/24 19:38

Resolved:: 15/Jan/24 19:38