{"id":"MGASA-2022-0261","summary":"Updated java packages fix security vulnerability","details":"OpenJDK: Defective secure validation in Apache Santuario (Libraries,\n8278008) (CVE-2022-21476)\nOpenJDK: Unbounded memory allocation when compiling crafted XPath\nexpressions (JAXP, 8270504) (CVE-2022-21426)\nOpenJDK: Improper object-to-string conversion in\nAnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434)\nOpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)\n(CVE-2022-21443)\nOpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)\n","modified":"2026-04-16T04:42:04.444160662Z","published":"2022-07-16T19:58:20Z","upstream":["CVE-2022-21426","CVE-2022-21434","CVE-2022-21443","CVE-2022-21476","CVE-2022-21496"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0261.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30401"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2022:1491"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2022:1442"}],"affected":[{"package":{"name":"java-1.8.0-openjdk","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/java-1.8.0-openjdk?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.0.332.b09-1.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0261.json"}},{"package":{"name":"java-11-openjdk","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/java-11-openjdk?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"11.0.15.0.10-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0261.json"}},{"package":{"name":"timezone","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/timezone?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2022a-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0261.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}