CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets
First published: Tue Jul 19 2022(Updated: )
An integer truncation issue was found in the Xalan Java XSLT library when processing malicious stylesheets. This flaw could be used to potentially execute arbitrary Java bytecode.
Credit: security@apache.org security@apache.org security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/bcel | <=6.2-1 | 6.2-1+deb10u1 6.5.0-1+deb11u1 6.5.0-2 |
| debian/openjdk-11 | 11.0.16+8-1~deb10u1 11.0.21+9-1~deb10u1 11.0.20+8-1~deb11u1 11.0.21+9-1~deb11u1 11.0.21+9-1 | |
| debian/openjdk-17 | 17.0.7+7-1~deb11u1 17.0.8+7-1~deb12u1 17.0.9+9-1 | |
| debian/openjdk-8 | 8u392-ga-1 | |
| maven/xalan:xalan | <2.7.3 | 2.7.3 |
| IBM Data Virtualization on Cloud Pak for Data | <=3.0 | |
| IBM Watson Query with Cloud Pak for Data | <=2.2 | |
| IBM Watson Query with Cloud Pak for Data | <=2.1 | |
| IBM Watson Query with Cloud Pak for Data | <=2.0 | |
| IBM Data Virtualization on Cloud Pak for Data | <=1.8 | |
| IBM Data Virtualization on Cloud Pak for Data | <=1.7 | |
| Apache Xalan-Java | <=2.7.2 | |
| Debian | =10.0 | |
| Debian | =11.0 | |
| Oracle GraalVM Enterprise Edition | =20.3.6 | |
| Oracle GraalVM Enterprise Edition | =21.3.2 | |
| Oracle GraalVM Enterprise Edition | =22.1.0 | |
| Oracle OpenJDK 1.8.0 | =1.7.0-update343 | |
| Oracle OpenJDK 1.8.0 | =1.8.0-update333 | |
| Oracle OpenJDK 1.8.0 | =11.0.15.1 | |
| Oracle OpenJDK 1.8.0 | =17.0.3.1 | |
| Oracle OpenJDK 1.8.0 | =18.0.1.1 | |
| Oracle JRE | =1.7.0-update343 | |
| Oracle JRE | =1.8.0-update333 | |
| Oracle JRE | =11.0.15.1 | |
| Oracle JRE | =17.0.3.1 | |
| Oracle JRE | =18.0.1.1 | |
| OpenJDK 8 | >=11<=11.0.15 | |
| OpenJDK 8 | >=13<=13.0.11 | |
| OpenJDK 8 | >=15<=15.0.7 | |
| OpenJDK 8 | >=17<=17.0.3 | |
| OpenJDK 8 | =7 | |
| OpenJDK 8 | =7-update1 | |
| OpenJDK 8 | =7-update10 | |
| OpenJDK 8 | =7-update101 | |
| OpenJDK 8 | =7-update11 | |
| OpenJDK 8 | =7-update111 | |
| OpenJDK 8 | =7-update121 | |
| OpenJDK 8 | =7-update13 | |
| OpenJDK 8 | =7-update131 | |
| OpenJDK 8 | =7-update141 | |
| OpenJDK 8 | =7-update15 | |
| OpenJDK 8 | =7-update151 | |
| OpenJDK 8 | =7-update161 | |
| OpenJDK 8 | =7-update17 | |
| OpenJDK 8 | =7-update171 | |
| OpenJDK 8 | =7-update181 | |
| OpenJDK 8 | =7-update191 | |
| OpenJDK 8 | =7-update2 | |
| OpenJDK 8 | =7-update201 | |
| OpenJDK 8 | =7-update21 | |
| OpenJDK 8 | =7-update211 | |
| OpenJDK 8 | =7-update221 | |
| OpenJDK 8 | =7-update231 | |
| OpenJDK 8 | =7-update241 | |
| OpenJDK 8 | =7-update25 | |
| OpenJDK 8 | =7-update251 | |
| OpenJDK 8 | =7-update261 | |
| OpenJDK 8 | =7-update271 | |
| OpenJDK 8 | =7-update281 | |
| OpenJDK 8 | =7-update291 | |
| OpenJDK 8 | =7-update3 | |
| OpenJDK 8 | =7-update301 | |
| OpenJDK 8 | =7-update311 | |
| OpenJDK 8 | =7-update321 | |
| OpenJDK 8 | =7-update4 | |
| OpenJDK 8 | =7-update40 | |
| OpenJDK 8 | =7-update45 | |
| OpenJDK 8 | =7-update5 | |
| OpenJDK 8 | =7-update51 | |
| OpenJDK 8 | =7-update55 | |
| OpenJDK 8 | =7-update6 | |
| OpenJDK 8 | =7-update60 | |
| OpenJDK 8 | =7-update65 | |
| OpenJDK 8 | =7-update67 | |
| OpenJDK 8 | =7-update7 | |
| OpenJDK 8 | =7-update72 | |
| OpenJDK 8 | =7-update76 | |
| OpenJDK 8 | =7-update80 | |
| OpenJDK 8 | =7-update85 | |
| OpenJDK 8 | =7-update9 | |
| OpenJDK 8 | =7-update91 | |
| OpenJDK 8 | =7-update95 | |
| OpenJDK 8 | =7-update97 | |
| OpenJDK 8 | =7-update99 | |
| OpenJDK 8 | =8 | |
| OpenJDK 8 | =8-milestone1 | |
| OpenJDK 8 | =8-milestone2 | |
| OpenJDK 8 | =8-milestone3 | |
| OpenJDK 8 | =8-milestone4 | |
| OpenJDK 8 | =8-milestone5 | |
| OpenJDK 8 | =8-milestone6 | |
| OpenJDK 8 | =8-milestone7 | |
| OpenJDK 8 | =8-milestone8 | |
| OpenJDK 8 | =8-milestone9 | |
| OpenJDK 8 | =8-update101 | |
| OpenJDK 8 | =8-update102 | |
| OpenJDK 8 | =8-update11 | |
| OpenJDK 8 | =8-update111 | |
| OpenJDK 8 | =8-update112 | |
| OpenJDK 8 | =8-update121 | |
| OpenJDK 8 | =8-update131 | |
| OpenJDK 8 | =8-update141 | |
| OpenJDK 8 | =8-update151 | |
| OpenJDK 8 | =8-update152 | |
| OpenJDK 8 | =8-update161 | |
| OpenJDK 8 | =8-update162 | |
| OpenJDK 8 | =8-update171 | |
| OpenJDK 8 | =8-update172 | |
| OpenJDK 8 | =8-update181 | |
| OpenJDK 8 | =8-update191 | |
| OpenJDK 8 | =8-update192 | |
| OpenJDK 8 | =8-update20 | |
| OpenJDK 8 | =8-update201 | |
| OpenJDK 8 | =8-update202 | |
| OpenJDK 8 | =8-update211 | |
| OpenJDK 8 | =8-update212 | |
| OpenJDK 8 | =8-update221 | |
| OpenJDK 8 | =8-update222 | |
| OpenJDK 8 | =8-update231 | |
| OpenJDK 8 | =8-update232 | |
| OpenJDK 8 | =8-update241 | |
| OpenJDK 8 | =8-update242 | |
| OpenJDK 8 | =8-update25 | |
| OpenJDK 8 | =8-update252 | |
| OpenJDK 8 | =8-update262 | |
| OpenJDK 8 | =8-update271 | |
| OpenJDK 8 | =8-update281 | |
| OpenJDK 8 | =8-update282 | |
| OpenJDK 8 | =8-update291 | |
| OpenJDK 8 | =8-update301 | |
| OpenJDK 8 | =8-update302 | |
| OpenJDK 8 | =8-update31 | |
| OpenJDK 8 | =8-update312 | |
| OpenJDK 8 | =8-update322 | |
| OpenJDK 8 | =8-update332 | |
| OpenJDK 8 | =8-update40 | |
| OpenJDK 8 | =8-update45 | |
| OpenJDK 8 | =8-update5 | |
| OpenJDK 8 | =8-update51 | |
| OpenJDK 8 | =8-update60 | |
| OpenJDK 8 | =8-update65 | |
| OpenJDK 8 | =8-update66 | |
| OpenJDK 8 | =8-update71 | |
| OpenJDK 8 | =8-update72 | |
| OpenJDK 8 | =8-update73 | |
| OpenJDK 8 | =8-update74 | |
| OpenJDK 8 | =8-update77 | |
| OpenJDK 8 | =8-update91 | |
| OpenJDK 8 | =8-update92 | |
| OpenJDK 8 | =18 | |
| Fedora | =35 | |
| Fedora | =36 | |
| NetApp 7-Mode Transition Tool | ||
| NetApp Active IQ Unified Manager for VMware vSphere | ||
| NetApp Active IQ Unified Manager | ||
| NetApp Cloud Insights Acquisition Unit | ||
| NetApp Cloud Secure Agent | ||
| NetApp SolidFire & HCI Management Node | ||
| NetApp OnCommand Insight | ||
| NetApp SolidFire & HCI Storage Node | ||
| NetApp HCI Compute Node | ||
| Azul Zulu JDK | =6.47 | |
| Azul Zulu JDK | =7.54 | |
| Azul Zulu JDK | =8.62 | |
| Azul Zulu JDK | =11.56 | |
| Azul Zulu JDK | =13.48 | |
| Azul Zulu JDK | =15.40 | |
| Azul Zulu JDK | =17.34 | |
| Azul Zulu JDK | =18.30 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://security-tracker.debian.org/tracker/CVE-2022-34169
- https://www.openwall.com/lists/oss-security/2022/07/19/5
- https://github.com/openjdk/jdk/commit/41ef2b249073450172e11163a4d05762364b1297
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169
- https://tracker.debian.org/pkg/bcel
- https://github.com/apache/commons-bcel/commit/f3267cbcc900f80851d561bdd16b239d936947f5
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860
- https://github.com/apache/commons-bcel/pull/147
- https://nvd.nist.gov/vuln/detail/CVE-2022-34169
- https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw
- https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8
- http://www.openwall.com/lists/oss-security/2022/07/19/5
- http://www.openwall.com/lists/oss-security/2022/07/19/6
- http://www.openwall.com/lists/oss-security/2022/07/20/2
- http://www.openwall.com/lists/oss-security/2022/07/20/3
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.debian.org/security/2022/dsa-5188
- https://www.debian.org/security/2022/dsa-5192
- http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html
- https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81
- https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573
- https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21
- https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471
- http://www.openwall.com/lists/oss-security/2022/10/18/2
- https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html
- https://www.debian.org/security/2022/dsa-5256
- http://www.openwall.com/lists/oss-security/2022/11/04/8
- http://www.openwall.com/lists/oss-security/2022/11/07/2
- https://xalan.apache.org
- https://security.gentoo.org/glsa/202401-25
- https://security.netapp.com/advisory/ntap-20240621-0006
- https://security.netapp.com/advisory/ntap-20220729-0009
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L
- https://github.com/advisories/GHSA-9339-86wc-4qgf (Advisory)
- https://security.netapp.com/advisory/ntap-20220729-0009/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA
- https://www.oracle.com/java/technologies/javase/7-support-relnotes.html#R170_351
- https://www.oracle.com/java/technologies/javase/8u341-relnotes.html
- https://www.oracle.com/java/technologies/javase/11-0-16-relnotes.html
- https://www.oracle.com/java/technologies/javase/17-0-4-relnotes.html
- https://www.oracle.com/java/technologies/javase/18-0-2-relnotes.html
- https://access.redhat.com/errata/RHSA-2022:5685
- https://access.redhat.com/errata/RHSA-2022:5684
- https://access.redhat.com/errata/RHSA-2022:5683
- https://access.redhat.com/errata/RHSA-2022:5681
- https://access.redhat.com/errata/RHSA-2022:5687
- https://access.redhat.com/errata/RHSA-2022:5695
- https://access.redhat.com/errata/RHSA-2022:5701
- https://access.redhat.com/errata/RHSA-2022:5697
- https://access.redhat.com/errata/RHSA-2022:5696
- https://access.redhat.com/errata/RHSA-2022:5700
- https://access.redhat.com/errata/RHSA-2022:5698
- https://access.redhat.com/errata/RHSA-2022:5709
- https://access.redhat.com/errata/RHSA-2022:5726
- https://access.redhat.com/errata/RHSA-2022:5736
- https://access.redhat.com/errata/RHSA-2022:5753
- https://access.redhat.com/errata/RHSA-2022:5754
- https://access.redhat.com/errata/RHSA-2022:5755
- https://access.redhat.com/errata/RHSA-2022:5756
- https://access.redhat.com/errata/RHSA-2022:5757
- https://access.redhat.com/errata/RHSA-2022:5758
- https://github.com/openjdk/jdk17u/commit/9dcec4db4a6d8fdfc49eefe8028605d9f26848cc
- https://github.com/openjdk/jdk11u/commit/13bf52c8d876528a43be7cb77a1f452d29a21492
- https://github.com/openjdk/jdk8u/commit/3dca446d440e55cbb7dc3555392f4520ec9ff3bc
- https://access.redhat.com/security/cve/cve-2022-34169
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2227076
- https://access.redhat.com/errata/RHSA-2024:3708
- https://access.redhat.com/errata/RHSA-2024:8077
- https://access.redhat.com/errata/RHSA-2024:8076
- https://access.redhat.com/errata/RHSA-2024:8075
- https://access.redhat.com/errata/RHSA-2024:8080
- https://access.redhat.com/errata/RHSA-2024:8824
- https://access.redhat.com/errata/RHSA-2024:8823
- https://access.redhat.com/errata/RHSA-2024:8826
- https://access.redhat.com/errata/RHSA-2024:10208
- https://access.redhat.com/errata/RHSA-2024:10207
- https://bugzilla.redhat.com/show_bug.cgi?id=2108554
- https://www.ibm.com/support/pages/node/7183851 (Advisory)
Frequently Asked Questions
What is CVE-2022-34169?
CVE-2022-34169 is a vulnerability in the Apache Xalan Java XSLT library that allows a remote attacker to execute arbitrary code on the system.
How does CVE-2022-34169 impact the Apache Xalan Java XSLT library?
CVE-2022-34169 can be exploited by processing malicious XSLT stylesheets, leading to the corruption of Java class files and the execution of arbitrary Java bytecode.
What is the severity of CVE-2022-34169?
CVE-2022-34169 has a severity rating of 7.5 (high).
What software versions are affected by CVE-2022-34169?
The following software versions are affected by CVE-2022-34169: Apache Xalan Java XSLT library versions up to 2.7.2, OpenJDK 11 versions up to 11.0.17, OpenJDK 17 versions up to 17.0.5, and IBM Security Verify Governance versions up to 10.0.
How can I mitigate CVE-2022-34169?
To mitigate CVE-2022-34169, users are recommended to update to Apache Xalan Java XSLT library version 2.7.3 or later. Additionally, update OpenJDK 11 to versions 11.0.18 or later, OpenJDK 17 to versions 17.0.6 or later, and IBM Security Verify Governance to version 10.0.1 or later.
- collector/debian-bugs
- alias/CVE-2022-34169
- collector/security-tracker-debian
- agent/type
- agent/remedy
- agent/title
- agent/weakness
- agent/first-publish-date
- agent/author
- agent/description
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-9339-86wc-4qgf
- agent/software-canonical-lookup
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/trending
- agent/source
- collector/redhat-bugzilla
- source/Red Hat
- agent/severity
- agent/references
- agent/last-modified-date
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- collector/nvd-index
- package-manager/debian
- package-manager/maven
- vendor/ibm
- canonical/ibm data virtualization on cloud pak for data
- version/ibm data virtualization on cloud pak for data/3.0
- canonical/ibm watson query with cloud pak for data
- version/ibm watson query with cloud pak for data/2.2
- version/ibm watson query with cloud pak for data/2.1
- version/ibm watson query with cloud pak for data/2.0
- version/ibm data virtualization on cloud pak for data/1.8
- version/ibm data virtualization on cloud pak for data/1.7
- vendor/apache
- canonical/apache xalan-java
- version/apache xalan-java/2.7.2
- vendor/debian
- canonical/debian
- version/debian/10.0
- version/debian/11.0
- vendor/oracle
- canonical/oracle graalvm enterprise edition
- version/oracle graalvm enterprise edition/20.3.6
- version/oracle graalvm enterprise edition/21.3.2
- version/oracle graalvm enterprise edition/22.1.0
- canonical/oracle openjdk 1.8.0
- version/oracle openjdk 1.8.0/1.7.0-update343
- version/oracle openjdk 1.8.0/1.8.0-update333
- version/oracle openjdk 1.8.0/11.0.15.1
- version/oracle openjdk 1.8.0/17.0.3.1
- version/oracle openjdk 1.8.0/18.0.1.1
- canonical/oracle jre
- version/oracle jre/1.7.0-update343
- version/oracle jre/1.8.0-update333
- version/oracle jre/11.0.15.1
- version/oracle jre/17.0.3.1
- version/oracle jre/18.0.1.1
- canonical/openjdk 8
- version/openjdk 8/11
- version/openjdk 8/11.0.15
- version/openjdk 8/13
- version/openjdk 8/13.0.11
- version/openjdk 8/15
- version/openjdk 8/15.0.7
- version/openjdk 8/17
- version/openjdk 8/17.0.3
- version/openjdk 8/7
- version/openjdk 8/7-update1
- version/openjdk 8/7-update10
- version/openjdk 8/7-update101
- version/openjdk 8/7-update11
- version/openjdk 8/7-update111
- version/openjdk 8/7-update121
- version/openjdk 8/7-update13
- version/openjdk 8/7-update131
- version/openjdk 8/7-update141
- version/openjdk 8/7-update15
- version/openjdk 8/7-update151
- version/openjdk 8/7-update161
- version/openjdk 8/7-update17
- version/openjdk 8/7-update171
- version/openjdk 8/7-update181
- version/openjdk 8/7-update191
- version/openjdk 8/7-update2
- version/openjdk 8/7-update201
- version/openjdk 8/7-update21
- version/openjdk 8/7-update211
- version/openjdk 8/7-update221
- version/openjdk 8/7-update231
- version/openjdk 8/7-update241
- version/openjdk 8/7-update25
- version/openjdk 8/7-update251
- version/openjdk 8/7-update261
- version/openjdk 8/7-update271
- version/openjdk 8/7-update281
- version/openjdk 8/7-update291
- version/openjdk 8/7-update3
- version/openjdk 8/7-update301
- version/openjdk 8/7-update311
- version/openjdk 8/7-update321
- version/openjdk 8/7-update4
- version/openjdk 8/7-update40
- version/openjdk 8/7-update45
- version/openjdk 8/7-update5
- version/openjdk 8/7-update51
- version/openjdk 8/7-update55
- version/openjdk 8/7-update6
- version/openjdk 8/7-update60
- version/openjdk 8/7-update65
- version/openjdk 8/7-update67
- version/openjdk 8/7-update7
- version/openjdk 8/7-update72
- version/openjdk 8/7-update76
- version/openjdk 8/7-update80
- version/openjdk 8/7-update85
- version/openjdk 8/7-update9
- version/openjdk 8/7-update91
- version/openjdk 8/7-update95
- version/openjdk 8/7-update97
- version/openjdk 8/7-update99
- version/openjdk 8/8
- version/openjdk 8/8-milestone1
- version/openjdk 8/8-milestone2
- version/openjdk 8/8-milestone3
- version/openjdk 8/8-milestone4
- version/openjdk 8/8-milestone5
- version/openjdk 8/8-milestone6
- version/openjdk 8/8-milestone7
- version/openjdk 8/8-milestone8
- version/openjdk 8/8-milestone9
- version/openjdk 8/8-update101
- version/openjdk 8/8-update102
- version/openjdk 8/8-update11
- version/openjdk 8/8-update111
- version/openjdk 8/8-update112
- version/openjdk 8/8-update121
- version/openjdk 8/8-update131
- version/openjdk 8/8-update141
- version/openjdk 8/8-update151
- version/openjdk 8/8-update152
- version/openjdk 8/8-update161
- version/openjdk 8/8-update162
- version/openjdk 8/8-update171
- version/openjdk 8/8-update172
- version/openjdk 8/8-update181
- version/openjdk 8/8-update191
- version/openjdk 8/8-update192
- version/openjdk 8/8-update20
- version/openjdk 8/8-update201
- version/openjdk 8/8-update202
- version/openjdk 8/8-update211
- version/openjdk 8/8-update212
- version/openjdk 8/8-update221
- version/openjdk 8/8-update222
- version/openjdk 8/8-update231
- version/openjdk 8/8-update232
- version/openjdk 8/8-update241
- version/openjdk 8/8-update242
- version/openjdk 8/8-update25
- version/openjdk 8/8-update252
- version/openjdk 8/8-update262
- version/openjdk 8/8-update271
- version/openjdk 8/8-update281
- version/openjdk 8/8-update282
- version/openjdk 8/8-update291
- version/openjdk 8/8-update301
- version/openjdk 8/8-update302
- version/openjdk 8/8-update31
- version/openjdk 8/8-update312
- version/openjdk 8/8-update322
- version/openjdk 8/8-update332
- version/openjdk 8/8-update40
- version/openjdk 8/8-update45
- version/openjdk 8/8-update5
- version/openjdk 8/8-update51
- version/openjdk 8/8-update60
- version/openjdk 8/8-update65
- version/openjdk 8/8-update66
- version/openjdk 8/8-update71
- version/openjdk 8/8-update72
- version/openjdk 8/8-update73
- version/openjdk 8/8-update74
- version/openjdk 8/8-update77
- version/openjdk 8/8-update91
- version/openjdk 8/8-update92
- version/openjdk 8/18
- vendor/fedoraproject
- canonical/fedora
- version/fedora/35
- version/fedora/36
- vendor/netapp
- canonical/netapp 7-mode transition tool
- canonical/netapp active iq unified manager for vmware vsphere
- canonical/netapp active iq unified manager
- canonical/netapp cloud insights acquisition unit
- canonical/netapp cloud secure agent
- canonical/netapp solidfire & hci management node
- canonical/netapp oncommand insight
- canonical/netapp solidfire & hci storage node
- canonical/netapp hci compute node
- vendor/azul
- canonical/azul zulu jdk
- version/azul zulu jdk/6.47
- version/azul zulu jdk/7.54
- version/azul zulu jdk/8.62
- version/azul zulu jdk/11.56
- version/azul zulu jdk/13.48
- version/azul zulu jdk/15.40
- version/azul zulu jdk/17.34
- version/azul zulu jdk/18.30