NVD Vulnerability Detail

CVE-2022-34169

Summary	The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
Publication Date	July 20, 2022, 3:15 a.m.
Registration Date	July 20, 2022, 10 a.m.
Last Update	Nov. 21, 2024, 4:08 p.m.

CVSS3.1 : HIGH
スコア	7.5
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	なし
完全性への影響(I)	高
可用性への影響(A)	なし

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:apache:xalan-java::::::::			2.7.2

Configuration2	or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:10.0:::::::*
cpe:2.3:o:debian:debian_linux:11.0:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:oracle:jre:17.0.3.1:::::::*
cpe:2.3:a:oracle:jre:18.0.1.1:::::::*
cpe:2.3:a:oracle:jre:11.0.15.1:::::::*
cpe:2.3:a:oracle:jre:1.8.0:update333::::::
cpe:2.3:a:oracle:jre:1.7.0:update343::::::
cpe:2.3:a:oracle:jdk:17.0.3.1:::::::*
cpe:2.3:a:oracle:graalvm:22.1.0::::enterprise:::
cpe:2.3:a:oracle:graalvm:21.3.2::::enterprise:::
cpe:2.3:a:oracle:graalvm:20.3.6::::enterprise:::
cpe:2.3:a:oracle:jdk:1.7.0:update343::::::
cpe:2.3:a:oracle:jdk:1.8.0:update333::::::
cpe:2.3:a:oracle:jdk:11.0.15.1:::::::*
cpe:2.3:a:oracle:jdk:18.0.1.1:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:oracle:openjdk:8:-::::::
cpe:2.3:a:oracle:openjdk:8:update102::::::
cpe:2.3:a:oracle:openjdk:8:update112::::::
cpe:2.3:a:oracle:openjdk:8:update152::::::
cpe:2.3:a:oracle:openjdk:8:update162::::::
cpe:2.3:a:oracle:openjdk:8:update172::::::
cpe:2.3:a:oracle:openjdk:7:update241::::::
cpe:2.3:a:oracle:openjdk:8:update92::::::
cpe:2.3:a:oracle:openjdk:8:update72::::::
cpe:2.3:a:oracle:openjdk:8:update66::::::
cpe:2.3:a:oracle:openjdk:8:update60::::::
cpe:2.3:a:oracle:openjdk:8:update40::::::
cpe:2.3:a:oracle:openjdk:8:update232::::::
cpe:2.3:a:oracle:openjdk:8:update222::::::
cpe:2.3:a:oracle:openjdk:8:update212::::::
cpe:2.3:a:oracle:openjdk:8:update202::::::
cpe:2.3:a:oracle:openjdk:8:update20::::::
cpe:2.3:a:oracle:openjdk:8:update192::::::
cpe:2.3:a:oracle:openjdk:8:update65::::::
cpe:2.3:a:oracle:openjdk:8:update71::::::
cpe:2.3:a:oracle:openjdk:8:update73::::::
cpe:2.3:a:oracle:openjdk:8:update74::::::
cpe:2.3:a:oracle:openjdk:8:update77::::::
cpe:2.3:a:oracle:openjdk:8:update91::::::
cpe:2.3:a:oracle:openjdk:8:update101::::::
cpe:2.3:a:oracle:openjdk:8:update111::::::
cpe:2.3:a:oracle:openjdk:8:update121::::::
cpe:2.3:a:oracle:openjdk:8:update131::::::
cpe:2.3:a:oracle:openjdk:8:update141::::::
cpe:2.3:a:oracle:openjdk:8:update151::::::
cpe:2.3:a:oracle:openjdk:8:update161::::::
cpe:2.3:a:oracle:openjdk:8:update171::::::
cpe:2.3:a:oracle:openjdk:8:update181::::::
cpe:2.3:a:oracle:openjdk:8:update191::::::
cpe:2.3:a:oracle:openjdk:8:update201::::::
cpe:2.3:a:oracle:openjdk:8:update211::::::
cpe:2.3:a:oracle:openjdk:8:update45::::::
cpe:2.3:a:oracle:openjdk:8:update51::::::
cpe:2.3:a:oracle:openjdk:8:update241::::::
cpe:2.3:a:oracle:openjdk:7:-::::::
cpe:2.3:a:oracle:openjdk:7:update85::::::
cpe:2.3:a:oracle:openjdk:7:update80::::::
cpe:2.3:a:oracle:openjdk:8:update25::::::
cpe:2.3:a:oracle:openjdk:8:update31::::::
cpe:2.3:a:oracle:openjdk:8:update5::::::
cpe:2.3:a:oracle:openjdk:8:update11::::::
cpe:2.3:a:oracle:openjdk:8:update221::::::
cpe:2.3:a:oracle:openjdk:8:update231::::::
cpe:2.3:a:oracle:openjdk:7:update251::::::
cpe:2.3:a:oracle:openjdk:7:update231::::::
cpe:2.3:a:oracle:openjdk:7:update221::::::
cpe:2.3:a:oracle:openjdk:7:update211::::::
cpe:2.3:a:oracle:openjdk:7:update201::::::
cpe:2.3:a:oracle:openjdk:7:update191::::::
cpe:2.3:a:oracle:openjdk:7:update181::::::
cpe:2.3:a:oracle:openjdk:7:update171::::::
cpe:2.3:a:oracle:openjdk:7:update161::::::
cpe:2.3:a:oracle:openjdk:7:update151::::::
cpe:2.3:a:oracle:openjdk:7:update141::::::
cpe:2.3:a:oracle:openjdk:7:update131::::::
cpe:2.3:a:oracle:openjdk:7:update121::::::
cpe:2.3:a:oracle:openjdk:7:update111::::::
cpe:2.3:a:oracle:openjdk:7:update101::::::
cpe:2.3:a:oracle:openjdk:7:update99::::::
cpe:2.3:a:oracle:openjdk:7:update97::::::
cpe:2.3:a:oracle:openjdk:7:update95::::::
cpe:2.3:a:oracle:openjdk:7:update91::::::
cpe:2.3:a:oracle:openjdk:7:update76::::::
cpe:2.3:a:oracle:openjdk:7:update72::::::
cpe:2.3:a:oracle:openjdk:7:update67::::::
cpe:2.3:a:oracle:openjdk:7:update65::::::
cpe:2.3:a:oracle:openjdk:7:update60::::::
cpe:2.3:a:oracle:openjdk:7:update55::::::
cpe:2.3:a:oracle:openjdk:7:update51::::::
cpe:2.3:a:oracle:openjdk:7:update45::::::
cpe:2.3:a:oracle:openjdk:7:update40::::::
cpe:2.3:a:oracle:openjdk:7:update25::::::
cpe:2.3:a:oracle:openjdk:7:update21::::::
cpe:2.3:a:oracle:openjdk:7:update17::::::
cpe:2.3:a:oracle:openjdk:7:update15::::::
cpe:2.3:a:oracle:openjdk:7:update13::::::
cpe:2.3:a:oracle:openjdk:7:update11::::::
cpe:2.3:a:oracle:openjdk:7:update10::::::
cpe:2.3:a:oracle:openjdk:7:update9::::::
cpe:2.3:a:oracle:openjdk:7:update7::::::
cpe:2.3:a:oracle:openjdk:7:update6::::::
cpe:2.3:a:oracle:openjdk:7:update5::::::
cpe:2.3:a:oracle:openjdk:7:update4::::::
cpe:2.3:a:oracle:openjdk:7:update3::::::
cpe:2.3:a:oracle:openjdk:7:update2::::::
cpe:2.3:a:oracle:openjdk:7:update1::::::
cpe:2.3:a:oracle:openjdk:8:update271::::::
cpe:2.3:a:oracle:openjdk:8:update281::::::
cpe:2.3:a:oracle:openjdk:8:milestone1::::::
cpe:2.3:a:oracle:openjdk:8:milestone2::::::
cpe:2.3:a:oracle:openjdk:8:update282::::::
cpe:2.3:a:oracle:openjdk:8:milestone3::::::
cpe:2.3:a:oracle:openjdk:8:milestone4::::::
cpe:2.3:a:oracle:openjdk:8:milestone5::::::
cpe:2.3:a:oracle:openjdk:8:milestone6::::::
cpe:2.3:a:oracle:openjdk:8:milestone7::::::
cpe:2.3:a:oracle:openjdk:8:milestone8::::::
cpe:2.3:a:oracle:openjdk:8:milestone9::::::
cpe:2.3:a:oracle:openjdk:7:update271::::::
cpe:2.3:a:oracle:openjdk:7:update281::::::
cpe:2.3:a:oracle:openjdk:7:update291::::::
cpe:2.3:a:oracle:openjdk:8:update242::::::
cpe:2.3:a:oracle:openjdk:8:update252::::::
cpe:2.3:a:oracle:openjdk:8:update262::::::
cpe:2.3:a:oracle:openjdk:7:update261::::::
cpe:2.3:a:oracle:openjdk:8:update291::::::
cpe:2.3:a:oracle:openjdk:7:update301::::::
cpe:2.3:a:oracle:openjdk:8:update301::::::
cpe:2.3:a:oracle:openjdk:7:update311::::::
cpe:2.3:a:oracle:openjdk:7:update321::::::
cpe:2.3:a:oracle:openjdk:8:update312::::::
cpe:2.3:a:oracle:openjdk:8:update302::::::
cpe:2.3:a:oracle:openjdk:8:update322::::::
cpe:2.3:a:oracle:openjdk:18:::::::*
cpe:2.3:a:oracle:openjdk::::::::	11	11.0.15
cpe:2.3:a:oracle:openjdk::::::::	15	15.0.7
cpe:2.3:a:oracle:openjdk::::::::	17	17.0.3
cpe:2.3:a:oracle:openjdk::::::::	13	13.0.11
cpe:2.3:a:oracle:openjdk:8:update332::::::

Configuration5	or higher	or less	more than	less than
cpe:2.3:o:fedoraproject:fedora:35:::::::*
cpe:2.3:o:fedoraproject:fedora:36:::::::*

Configuration6	or higher	or less	more than	less than
cpe:2.3:a:netapp:oncommand_insight:-:::::::*
cpe:2.3:a:netapp:solidfire:-:::::::*
cpe:2.3:a:netapp:hci_management_node:-:::::::*
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
cpe:2.3:h:netapp:hci_compute_node:-:::::::*
cpe:2.3:a:netapp:7-mode_transition_tool:-:::::::*
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:::::::*
cpe:2.3:a:netapp:cloud_secure_agent:-:::::::*

Configuration7	or higher	or less	more than	less than
cpe:2.3:a:azul:zulu:17.34:::::::*
cpe:2.3:a:azul:zulu:6.47:::::::*
cpe:2.3:a:azul:zulu:7.54:::::::*
cpe:2.3:a:azul:zulu:8.62:::::::*
cpe:2.3:a:azul:zulu:11.56:::::::*
cpe:2.3:a:azul:zulu:13.48:::::::*
cpe:2.3:a:azul:zulu:18.30:::::::*
cpe:2.3:a:azul:zulu:15.40:::::::*

Related information, measures and tools

No	URL	タグ
1	http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html	Third Party Advisory VDB Entry
2	http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html	Third Party Advisory VDB Entry
3	http://www.openwall.com/lists/oss-security/2022/07/19/5	Mailing List Third Party Advisory
4	http://www.openwall.com/lists/oss-security/2022/07/19/5	Mailing List Third Party Advisory
5	http://www.openwall.com/lists/oss-security/2022/07/19/6	Mailing List Third Party Advisory
6	http://www.openwall.com/lists/oss-security/2022/07/19/6	Mailing List Third Party Advisory
7	http://www.openwall.com/lists/oss-security/2022/07/20/2	Mailing List Third Party Advisory
8	http://www.openwall.com/lists/oss-security/2022/07/20/2	Mailing List Third Party Advisory
9	http://www.openwall.com/lists/oss-security/2022/07/20/3	Mailing List Patch Third Party Advisory
10	http://www.openwall.com/lists/oss-security/2022/07/20/3	Mailing List Patch Third Party Advisory
11	http://www.openwall.com/lists/oss-security/2022/10/18/2	Mailing List Patch Third Party Advisory
12	http://www.openwall.com/lists/oss-security/2022/10/18/2	Mailing List Patch Third Party Advisory
13	http://www.openwall.com/lists/oss-security/2022/11/04/8	Mailing List Third Party Advisory
14	http://www.openwall.com/lists/oss-security/2022/11/04/8	Mailing List Third Party Advisory
15	http://www.openwall.com/lists/oss-security/2022/11/07/2	Mailing List Third Party Advisory
16	http://www.openwall.com/lists/oss-security/2022/11/07/2	Mailing List Third Party Advisory
17	https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw	Issue Tracking Mailing List Vendor Advisory
18	https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw	Issue Tracking Mailing List Vendor Advisory
19	https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8	Issue Tracking Mailing List Vendor Advisory
20	https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8	Issue Tracking Mailing List Vendor Advisory
21	https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html	Mailing List Third Party Advisory
22	https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html	Mailing List Third Party Advisory
23	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/
24	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/
25	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/
26	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/
27	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/
28	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/
29	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/
30	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/
31	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/
32	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/
33	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/
34	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/
35	https://security.gentoo.org/glsa/202401-25
36	https://security.gentoo.org/glsa/202401-25
37	https://security.netapp.com/advisory/ntap-20220729-0009/	Third Party Advisory
38	https://security.netapp.com/advisory/ntap-20220729-0009/	Third Party Advisory
39	https://security.netapp.com/advisory/ntap-20240621-0006/
40	https://security.netapp.com/advisory/ntap-20240621-0006/
41	https://www.debian.org/security/2022/dsa-5188	Third Party Advisory
42	https://www.debian.org/security/2022/dsa-5188	Third Party Advisory
43	https://www.debian.org/security/2022/dsa-5192	Third Party Advisory
44	https://www.debian.org/security/2022/dsa-5192	Third Party Advisory
45	https://www.debian.org/security/2022/dsa-5256	Third Party Advisory
46	https://www.debian.org/security/2022/dsa-5256	Third Party Advisory
47	https://www.oracle.com/security-alerts/cpujul2022.html	Patch Third Party Advisory
48	https://www.oracle.com/security-alerts/cpujul2022.html	Patch Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-681	数値型間の変換の誤り	https://cwe.mitre.org/data/definitions/681.html

JVN Vulnerability Information

Apache Xalan Java XSLT ライブラリにおける数値型間の変換の誤りに関する脆弱性

Title	Apache Xalan Java XSLT ライブラリにおける数値型間の変換の誤りに関する脆弱性
Summary	Apache Xalan Java XSLT ライブラリには、数値型間の変換の誤りに関する脆弱性が存在します。
Possible impacts	情報を改ざんされる可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	July 13, 2022, midnight
Registration Date	Aug. 2, 2022, 11:13 a.m.
Last Update	April 23, 2025, 11:29 a.m.

Affected System

Apache Software Foundation

Xalan-Java

オラクル

JDK

JRE

Oracle GraalVM

日立

Cosminexus Developer's Kit for Java(TM)

Cosminexus XML Processor

Hitachi Application Server

Hitachi Application Server for Developers

Hitachi Automation Director

Hitachi Compute Systems Manager

Hitachi Configuration Manager

Hitachi Developer's Kit for Java

Hitachi Device Manager

Hitachi Dynamic Link Manager

Hitachi Global Link Manager

Hitachi Infrastructure Analytics Advisor

Hitachi Ops Center Administrator

Hitachi Ops Center Analyzer

Hitachi Ops Center Analyzer viewpoint

Hitachi Ops Center API Configuration Manager

Hitachi Ops Center Automator

Hitachi Ops Center Common Services

Hitachi Ops Center Viewpoint

Hitachi Replication Manager

Hitachi Tiered Storage Manager

Hitachi Tuning Manager

JP1/Automatic Operation

JP1/Operations Analytics

uCosminexus Application Runtime with Java for Apache Tomcat

uCosminexus Application Server

uCosminexus Application Server Enterprise

uCosminexus Application Server Enterprise Custom Edition

uCosminexus Application Server Express

uCosminexus Application Server Light

uCosminexus Application Server Smart Edition

uCosminexus Application Server Standard

uCosminexus Application Server Standard Custom Edition

uCosminexus Application Server Standard-R

uCosminexus Application Server(64)

uCosminexus Application Server-R

uCosminexus Client

uCosminexus Client for ATM

uCosminexus Client for Plug-in

uCosminexus Developer

uCosminexus Developer 01

uCosminexus Developer Light

uCosminexus Developer Professional

uCosminexus Developer Professional for ATM

uCosminexus Developer Professional for Plug-in

uCosminexus Developer Standard

uCosminexus Operator

uCosminexus Operator for Service Platform

uCosminexus Primary Server Base

uCosminexus Primary Server Base(64)

uCosminexus Service Architect

uCosminexus Service Platform

uCosminexus Service Platform(64)

プログラミング環境 for Java

Debian

Debian GNU/Linux

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2022-34169	https://www.cve.org/CVERecord?id=CVE-2022-34169
National Vulnerability Database (NVD)
2	CVE-2022-34169	https://nvd.nist.gov/vuln/detail/CVE-2022-34169
Pony Mail
3	CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets	https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-681	http://cwe.mitre.org/data/definitions/681.html

ベンダー情報

No	Name	URL
Debian Security Advisory
1	DSA-5188-1	https://www.debian.org/security/2022/dsa-5188
2	DSA-5192-1	https://www.debian.org/security/2022/dsa-5192
Hitachi Software Vulnerability Information
3	hitachi-sec-2022-122	https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-122/index.html
4	hitachi-sec-2022-127	https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-127/index.html
5	hitachi-sec-2025-114	https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-114/index.html
Oracle Critical Patch Update
6	Oracle Critical Patch Update Advisory - July 2022	https://www.oracle.com/security-alerts/cpujul2022.html
Pony Mail
7	Retire Xalan to the Attic	https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8
ソフトウェア製品セキュリティ情報
8	hitachi-sec-2022-122	https://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2022-122/index.html
9	hitachi-sec-2022-127	https://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2022-127/index.html
10	hitachi-sec-2025-114	https://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2025-114/index.html

Change Log

No	Changed Details	Date of change
3	[2023年08月09日] 影響を受けるシステム：ベンダ情報 (hitachi-sec-2022-122) の更新に伴い内容を更新	Aug. 9, 2023, 4:19 p.m.
1	[2022年08月02日] 掲載	Aug. 2, 2022, 11:13 a.m.
2	[2022年08月10日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：日立 (hitachi-sec-2022-127) を追加	Aug. 10, 2022, 3:15 p.m.
4	[2025年04月23日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：日立 (hitachi-sec-2025-114) を追加	April 23, 2025, 11 a.m.

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:oracle:jre:17.0.3.1:::::::*
cpe:2.3:a:oracle:jre:18.0.1.1:::::::*
cpe:2.3:a:oracle:jre:11.0.15.1:::::::*
cpe:2.3:a:oracle:jre:1.8.0:update333::::::
cpe:2.3:a:oracle:jre:1.7.0:update343::::::
cpe:2.3:a:oracle:jdk:17.0.3.1:::::::*
cpe:2.3:a:oracle:graalvm:22.1.0::::enterprise:::
cpe:2.3:a:oracle:graalvm:21.3.2::::enterprise:::
cpe:2.3:a:oracle:graalvm:20.3.6::::enterprise:::
cpe:2.3:a:oracle:jdk:1.7.0:update343::::::
cpe:2.3:a:oracle:jdk:1.8.0:update333::::::
cpe:2.3:a:oracle:jdk:11.0.15.1:::::::*
cpe:2.3:a:oracle:jdk:18.0.1.1:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:oracle:openjdk:8:-::::::
cpe:2.3:a:oracle:openjdk:8:update102::::::
cpe:2.3:a:oracle:openjdk:8:update112::::::
cpe:2.3:a:oracle:openjdk:8:update152::::::
cpe:2.3:a:oracle:openjdk:8:update162::::::
cpe:2.3:a:oracle:openjdk:8:update172::::::
cpe:2.3:a:oracle:openjdk:7:update241::::::
cpe:2.3:a:oracle:openjdk:8:update92::::::
cpe:2.3:a:oracle:openjdk:8:update72::::::
cpe:2.3:a:oracle:openjdk:8:update66::::::
cpe:2.3:a:oracle:openjdk:8:update60::::::
cpe:2.3:a:oracle:openjdk:8:update40::::::
cpe:2.3:a:oracle:openjdk:8:update232::::::
cpe:2.3:a:oracle:openjdk:8:update222::::::
cpe:2.3:a:oracle:openjdk:8:update212::::::
cpe:2.3:a:oracle:openjdk:8:update202::::::
cpe:2.3:a:oracle:openjdk:8:update20::::::
cpe:2.3:a:oracle:openjdk:8:update192::::::
cpe:2.3:a:oracle:openjdk:8:update65::::::
cpe:2.3:a:oracle:openjdk:8:update71::::::
cpe:2.3:a:oracle:openjdk:8:update73::::::
cpe:2.3:a:oracle:openjdk:8:update74::::::
cpe:2.3:a:oracle:openjdk:8:update77::::::
cpe:2.3:a:oracle:openjdk:8:update91::::::
cpe:2.3:a:oracle:openjdk:8:update101::::::
cpe:2.3:a:oracle:openjdk:8:update111::::::
cpe:2.3:a:oracle:openjdk:8:update121::::::
cpe:2.3:a:oracle:openjdk:8:update131::::::
cpe:2.3:a:oracle:openjdk:8:update141::::::
cpe:2.3:a:oracle:openjdk:8:update151::::::
cpe:2.3:a:oracle:openjdk:8:update161::::::
cpe:2.3:a:oracle:openjdk:8:update171::::::
cpe:2.3:a:oracle:openjdk:8:update181::::::
cpe:2.3:a:oracle:openjdk:8:update191::::::
cpe:2.3:a:oracle:openjdk:8:update201::::::
cpe:2.3:a:oracle:openjdk:8:update211::::::
cpe:2.3:a:oracle:openjdk:8:update45::::::
cpe:2.3:a:oracle:openjdk:8:update51::::::
cpe:2.3:a:oracle:openjdk:8:update241::::::
cpe:2.3:a:oracle:openjdk:7:-::::::
cpe:2.3:a:oracle:openjdk:7:update85::::::
cpe:2.3:a:oracle:openjdk:7:update80::::::
cpe:2.3:a:oracle:openjdk:8:update25::::::
cpe:2.3:a:oracle:openjdk:8:update31::::::
cpe:2.3:a:oracle:openjdk:8:update5::::::
cpe:2.3:a:oracle:openjdk:8:update11::::::
cpe:2.3:a:oracle:openjdk:8:update221::::::
cpe:2.3:a:oracle:openjdk:8:update231::::::
cpe:2.3:a:oracle:openjdk:7:update251::::::
cpe:2.3:a:oracle:openjdk:7:update231::::::
cpe:2.3:a:oracle:openjdk:7:update221::::::
cpe:2.3:a:oracle:openjdk:7:update211::::::
cpe:2.3:a:oracle:openjdk:7:update201::::::
cpe:2.3:a:oracle:openjdk:7:update191::::::
cpe:2.3:a:oracle:openjdk:7:update181::::::
cpe:2.3:a:oracle:openjdk:7:update171::::::
cpe:2.3:a:oracle:openjdk:7:update161::::::
cpe:2.3:a:oracle:openjdk:7:update151::::::
cpe:2.3:a:oracle:openjdk:7:update141::::::
cpe:2.3:a:oracle:openjdk:7:update131::::::
cpe:2.3:a:oracle:openjdk:7:update121::::::
cpe:2.3:a:oracle:openjdk:7:update111::::::
cpe:2.3:a:oracle:openjdk:7:update101::::::
cpe:2.3:a:oracle:openjdk:7:update99::::::
cpe:2.3:a:oracle:openjdk:7:update97::::::
cpe:2.3:a:oracle:openjdk:7:update95::::::
cpe:2.3:a:oracle:openjdk:7:update91::::::
cpe:2.3:a:oracle:openjdk:7:update76::::::
cpe:2.3:a:oracle:openjdk:7:update72::::::
cpe:2.3:a:oracle:openjdk:7:update67::::::
cpe:2.3:a:oracle:openjdk:7:update65::::::
cpe:2.3:a:oracle:openjdk:7:update60::::::
cpe:2.3:a:oracle:openjdk:7:update55::::::
cpe:2.3:a:oracle:openjdk:7:update51::::::
cpe:2.3:a:oracle:openjdk:7:update45::::::
cpe:2.3:a:oracle:openjdk:7:update40::::::
cpe:2.3:a:oracle:openjdk:7:update25::::::
cpe:2.3:a:oracle:openjdk:7:update21::::::
cpe:2.3:a:oracle:openjdk:7:update17::::::
cpe:2.3:a:oracle:openjdk:7:update15::::::
cpe:2.3:a:oracle:openjdk:7:update13::::::
cpe:2.3:a:oracle:openjdk:7:update11::::::
cpe:2.3:a:oracle:openjdk:7:update10::::::
cpe:2.3:a:oracle:openjdk:7:update9::::::
cpe:2.3:a:oracle:openjdk:7:update7::::::
cpe:2.3:a:oracle:openjdk:7:update6::::::
cpe:2.3:a:oracle:openjdk:7:update5::::::
cpe:2.3:a:oracle:openjdk:7:update4::::::
cpe:2.3:a:oracle:openjdk:7:update3::::::
cpe:2.3:a:oracle:openjdk:7:update2::::::
cpe:2.3:a:oracle:openjdk:7:update1::::::
cpe:2.3:a:oracle:openjdk:8:update271::::::
cpe:2.3:a:oracle:openjdk:8:update281::::::
cpe:2.3:a:oracle:openjdk:8:milestone1::::::
cpe:2.3:a:oracle:openjdk:8:milestone2::::::
cpe:2.3:a:oracle:openjdk:8:update282::::::
cpe:2.3:a:oracle:openjdk:8:milestone3::::::
cpe:2.3:a:oracle:openjdk:8:milestone4::::::
cpe:2.3:a:oracle:openjdk:8:milestone5::::::
cpe:2.3:a:oracle:openjdk:8:milestone6::::::
cpe:2.3:a:oracle:openjdk:8:milestone7::::::
cpe:2.3:a:oracle:openjdk:8:milestone8::::::
cpe:2.3:a:oracle:openjdk:8:milestone9::::::
cpe:2.3:a:oracle:openjdk:7:update271::::::
cpe:2.3:a:oracle:openjdk:7:update281::::::
cpe:2.3:a:oracle:openjdk:7:update291::::::
cpe:2.3:a:oracle:openjdk:8:update242::::::
cpe:2.3:a:oracle:openjdk:8:update252::::::
cpe:2.3:a:oracle:openjdk:8:update262::::::
cpe:2.3:a:oracle:openjdk:7:update261::::::
cpe:2.3:a:oracle:openjdk:8:update291::::::
cpe:2.3:a:oracle:openjdk:7:update301::::::
cpe:2.3:a:oracle:openjdk:8:update301::::::
cpe:2.3:a:oracle:openjdk:7:update311::::::
cpe:2.3:a:oracle:openjdk:7:update321::::::
cpe:2.3:a:oracle:openjdk:8:update312::::::
cpe:2.3:a:oracle:openjdk:8:update302::::::
cpe:2.3:a:oracle:openjdk:8:update322::::::
cpe:2.3:a:oracle:openjdk:18:::::::*
cpe:2.3:a:oracle:openjdk::::::::	11	11.0.15
cpe:2.3:a:oracle:openjdk::::::::	15	15.0.7
cpe:2.3:a:oracle:openjdk::::::::	17	17.0.3
cpe:2.3:a:oracle:openjdk::::::::	13	13.0.11
cpe:2.3:a:oracle:openjdk:8:update332::::::

Configuration6	or higher	or less	more than	less than
cpe:2.3:a:netapp:oncommand_insight:-:::::::*
cpe:2.3:a:netapp:solidfire:-:::::::*
cpe:2.3:a:netapp:hci_management_node:-:::::::*
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
cpe:2.3:h:netapp:hci_compute_node:-:::::::*
cpe:2.3:a:netapp:7-mode_transition_tool:-:::::::*
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:::::::*
cpe:2.3:a:netapp:cloud_secure_agent:-:::::::*

Configuration7	or higher	or less	more than	less than
cpe:2.3:a:azul:zulu:17.34:::::::*
cpe:2.3:a:azul:zulu:6.47:::::::*
cpe:2.3:a:azul:zulu:7.54:::::::*
cpe:2.3:a:azul:zulu:8.62:::::::*
cpe:2.3:a:azul:zulu:11.56:::::::*
cpe:2.3:a:azul:zulu:13.48:::::::*
cpe:2.3:a:azul:zulu:18.30:::::::*
cpe:2.3:a:azul:zulu:15.40:::::::*