nvd-json-data-feeds/CVE-2014/CVE-2014-01xx/CVE-2014-0107.json

{
  "id": "CVE-2014-0107",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2014-04-15T23:13:13.070",
  "lastModified": "2024-11-21T02:01:22.950",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function."
    },
    {
      "lang": "es",
      "value": "El TransformerFactory en Apache Xalan-Java anterior a 2.7.2 no restringe debidamente el acceso a ciertas propiedades cuando FEATURE_SECURE_PROCESSING  est\u00e1 habilitado, lo cual permite a atacantes remotos evadir restricciones y cargar clases arbitrarias o acceder a recursos externos a trav\u00e9s de una propiedad (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header o (4) xslt:entities manipulada, o una propiedad Java que est\u00e1 ligada a la funci\u00f3n XSLT 1.0 system-property."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "baseScore": 7.5,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "2.7.1",
              "matchCriteriaId": "6DAC17F1-EBD3-4351-B417-587A2D7501BE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0C500B0-BBEB-4981-B639-48AE9D29FB60"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CADED80-EBD1-46A1-AD7D-87BFA26A3C7C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "745CB7DD-92B7-4B50-BE38-44F0BEE12C64"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE19D33-C03D-4443-A460-63AFD5921329"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A443E45-D5F5-40AC-B937-A02A83732089"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6ECB30C-3B99-4532-8A9A-BBA694E91CB1"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE168C8-3986-4A97-9CDC-ADDEFB21141C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7675485D-F8E9-4FE5-BD3A-7D26CF65A959"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B1727C-243B-44C2-9AC9-6DEC7719D7FB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4079C93E-4BED-42D0-B196-E8C123B6DB3A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3BA792-1902-4AEB-96C1-B2CE26FCB18F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:xalan-java:2.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5611DEED-93E1-4B28-A8B2-EB46630E9BE6"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:webcenter_sites:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3EEBF10-2C32-4F5E-8245-9C485A191113"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB4709C-6373-43CC-918C-876A6569865A"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0348.html",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1888.html",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/57563",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/59036",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/59151",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/59247",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/59290",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/59291",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/59369",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/59515",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/59711",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://secunia.com/advisories/60502",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://svn.apache.org/viewvc?view=revision&revision=1581058",
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www.debian.org/security/2014/dsa-2886",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21677967",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www.ocert.org/advisories/ocert-2014-002.html",
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ]
    },
    {
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/66397",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www.securitytracker.com/id/1034711",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://www.securitytracker.com/id/1034716",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92023",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://issues.apache.org/jira/browse/XALANJ-2435",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://lists.apache.org/thread.html/r0c00afcab8f238562e27b3ae7b8af1913c62bc60838fb8b34c19e26b%40%3Cdev.tomcat.apache.org%3E",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://lists.apache.org/thread.html/r2900489bc665a2e32d021bb21f6ce2cb8e6bb5973490eebb9a346bca%40%3Cdev.tomcat.apache.org%3E",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://security.gentoo.org/glsa/201604-02",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://www.tenable.com/security/tns-2018-15",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0348.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1888.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/57563",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/59036",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/59151",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/59247",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/59290",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/59291",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/59369",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/59515",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/59711",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://secunia.com/advisories/60502",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://svn.apache.org/viewvc?view=revision&revision=1581058",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.debian.org/security/2014/dsa-2886",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21677967",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.ocert.org/advisories/ocert-2014-002.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ]
    },
    {
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/66397",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.securitytracker.com/id/1034711",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.securitytracker.com/id/1034716",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92023",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://issues.apache.org/jira/browse/XALANJ-2435",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://lists.apache.org/thread.html/r0c00afcab8f238562e27b3ae7b8af1913c62bc60838fb8b34c19e26b%40%3Cdev.tomcat.apache.org%3E",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://lists.apache.org/thread.html/r2900489bc665a2e32d021bb21f6ce2cb8e6bb5973490eebb9a346bca%40%3Cdev.tomcat.apache.org%3E",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://security.gentoo.org/glsa/201604-02",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://www.tenable.com/security/tns-2018-15",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2014-0107",`
			`"sourceIdentifier": "secalert@redhat.com",`
			`"published": "2014-04-15T23:13:13.070",`
Auto-Update: 2024-11-22T19:12:10.918177+00:00 2024-11-22 19:15:24 +00:00			`"lastModified": "2024-11-21T02:01:22.950",`
bootstrap 2023-04-24 12:24:31 +02:00			`"vulnStatus": "Modified",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"cveTags": [],`
bootstrap 2023-04-24 12:24:31 +02:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function."`
			`},`
			`{`
			`"lang": "es",`
			"value": "El TransformerFactory en Apache Xalan-Java anterior a 2.7.2 no restringe debidamente el acceso a ciertas propiedades cuando FEATURE_SECURE_PROCESSING est\u00e1 habilitado, lo cual permite a atacantes remotos evadir restricciones y cargar clases arbitrarias o acceder a recursos externos a trav\u00e9s de una propiedad (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header o (4) xslt:entities manipulada, o una propiedad Java que est\u00e1 ligada a la funci\u00f3n XSLT 1.0 system-property."
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",`
Auto-Update: 2024-11-22T19:12:10.918177+00:00 2024-11-22 19:15:24 +00:00			`"baseScore": 7.5,`
bootstrap 2023-04-24 12:24:31 +02:00			`"accessVector": "NETWORK",`
			`"accessComplexity": "LOW",`
			`"authentication": "NONE",`
			`"confidentialityImpact": "PARTIAL",`
			`"integrityImpact": "PARTIAL",`
Auto-Update: 2024-11-22T19:12:10.918177+00:00 2024-11-22 19:15:24 +00:00			`"availabilityImpact": "PARTIAL"`
bootstrap 2023-04-24 12:24:31 +02:00			`},`
			`"baseSeverity": "HIGH",`
			`"exploitabilityScore": 10.0,`
			`"impactScore": 6.4,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": false,`
			`"userInteractionRequired": false`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-264"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java::::::::",`
			`"versionEndIncluding": "2.7.1",`
			`"matchCriteriaId": "6DAC17F1-EBD3-4351-B417-587A2D7501BE"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:1.0.0:::::::*",`
			`"matchCriteriaId": "F0C500B0-BBEB-4981-B639-48AE9D29FB60"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.0.0:::::::*",`
			`"matchCriteriaId": "5CADED80-EBD1-46A1-AD7D-87BFA26A3C7C"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.0.1:::::::*",`
			`"matchCriteriaId": "745CB7DD-92B7-4B50-BE38-44F0BEE12C64"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.1.0:::::::*",`
			`"matchCriteriaId": "CEE19D33-C03D-4443-A460-63AFD5921329"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.2.0:::::::*",`
			`"matchCriteriaId": "0A443E45-D5F5-40AC-B937-A02A83732089"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.4.0:::::::*",`
			`"matchCriteriaId": "A6ECB30C-3B99-4532-8A9A-BBA694E91CB1"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.4.1:::::::*",`
			`"matchCriteriaId": "4BE168C8-3986-4A97-9CDC-ADDEFB21141C"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.5.0:::::::*",`
			`"matchCriteriaId": "7675485D-F8E9-4FE5-BD3A-7D26CF65A959"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.5.1:::::::*",`
			`"matchCriteriaId": "F5B1727C-243B-44C2-9AC9-6DEC7719D7FB"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.5.2:::::::*",`
			`"matchCriteriaId": "4079C93E-4BED-42D0-B196-E8C123B6DB3A"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.6.0:::::::*",`
			`"matchCriteriaId": "4C3BA792-1902-4AEB-96C1-B2CE26FCB18F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:xalan-java:2.7.0:::::::*",`
			`"matchCriteriaId": "5611DEED-93E1-4B28-A8B2-EB46630E9BE6"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:oracle:webcenter_sites:7.6.2:::::::*",`
			`"matchCriteriaId": "F3EEBF10-2C32-4F5E-8245-9C485A191113"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:::::::*",`
			`"matchCriteriaId": "1BB4709C-6373-43CC-918C-876A6569865A"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "http://rhn.redhat.com/errata/RHSA-2014-0348.html",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://rhn.redhat.com/errata/RHSA-2015-1888.html",`
			`"source": "secalert@redhat.com"`
			`},`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`{`
			`"url": "http://secunia.com/advisories/57563",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59036",`
			`"source": "secalert@redhat.com"`
			`},`
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"url": "http://secunia.com/advisories/59151",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59247",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59290",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59291",`
			`"source": "secalert@redhat.com"`
			`},`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`{`
			`"url": "http://secunia.com/advisories/59369",`
			`"source": "secalert@redhat.com"`
			`},`
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"url": "http://secunia.com/advisories/59515",`
			`"source": "secalert@redhat.com"`
			`},`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`{`
			`"url": "http://secunia.com/advisories/59711",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/60502",`
			`"source": "secalert@redhat.com"`
			`},`
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"url": "http://svn.apache.org/viewvc?view=revision&revision=1581058",`
			`"source": "secalert@redhat.com",`
			`"tags": [`
			`"Patch"`
			`]`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www.debian.org/security/2014/dsa-2886",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www.ibm.com/support/docview.wss?uid=swg21677967",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www.ocert.org/advisories/ocert-2014-002.html",`
			`"source": "secalert@redhat.com",`
			`"tags": [`
			`"US Government Resource"`
			`]`
			`},`
			`{`
			`"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",`
			`"source": "secalert@redhat.com",`
			`"tags": [`
			`"Patch",`
			`"Vendor Advisory"`
			`]`
			`},`
			`{`
			`"url": "http://www.securityfocus.com/bid/66397",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www.securitytracker.com/id/1034711",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "http://www.securitytracker.com/id/1034716",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92023",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "https://issues.apache.org/jira/browse/XALANJ-2435",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",`
bootstrap 2023-04-24 12:24:31 +02:00			`"source": "secalert@redhat.com"`
			`},`
			`{`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",`
bootstrap 2023-04-24 12:24:31 +02:00			`"source": "secalert@redhat.com"`
			`},`
			`{`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"url": "https://lists.apache.org/thread.html/r0c00afcab8f238562e27b3ae7b8af1913c62bc60838fb8b34c19e26b%40%3Cdev.tomcat.apache.org%3E",`
bootstrap 2023-04-24 12:24:31 +02:00			`"source": "secalert@redhat.com"`
			`},`
			`{`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"url": "https://lists.apache.org/thread.html/r2900489bc665a2e32d021bb21f6ce2cb8e6bb5973490eebb9a346bca%40%3Cdev.tomcat.apache.org%3E",`
bootstrap 2023-04-24 12:24:31 +02:00			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "https://security.gentoo.org/glsa/201604-02",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "https://www.oracle.com//security-alerts/cpujul2021.html",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "https://www.oracle.com/security-alerts/cpuoct2021.html",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",`
			`"source": "secalert@redhat.com"`
			`},`
			`{`
			`"url": "https://www.tenable.com/security/tns-2018-15",`
			`"source": "secalert@redhat.com"`
Auto-Update: 2024-11-22T19:12:10.918177+00:00 2024-11-22 19:15:24 +00:00			`},`
			`{`
			`"url": "http://rhn.redhat.com/errata/RHSA-2014-0348.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://rhn.redhat.com/errata/RHSA-2015-1888.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/57563",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59036",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59151",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59247",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59290",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59291",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59369",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59515",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/59711",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://secunia.com/advisories/60502",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://svn.apache.org/viewvc?view=revision&revision=1581058",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Patch"`
			`]`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www.debian.org/security/2014/dsa-2886",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www.ibm.com/support/docview.wss?uid=swg21677967",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www.ocert.org/advisories/ocert-2014-002.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"US Government Resource"`
			`]`
			`},`
			`{`
			`"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Patch",`
			`"Vendor Advisory"`
			`]`
			`},`
			`{`
			`"url": "http://www.securityfocus.com/bid/66397",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www.securitytracker.com/id/1034711",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "http://www.securitytracker.com/id/1034716",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92023",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://issues.apache.org/jira/browse/XALANJ-2435",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://lists.apache.org/thread.html/r0c00afcab8f238562e27b3ae7b8af1913c62bc60838fb8b34c19e26b%40%3Cdev.tomcat.apache.org%3E",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://lists.apache.org/thread.html/r2900489bc665a2e32d021bb21f6ce2cb8e6bb5973490eebb9a346bca%40%3Cdev.tomcat.apache.org%3E",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://security.gentoo.org/glsa/201604-02",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://www.oracle.com//security-alerts/cpujul2021.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://www.oracle.com/security-alerts/cpuoct2021.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://www.tenable.com/security/tns-2018-15",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`]`
			`}`