CVE-2017-10101: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that

CVE-2017-10101 is a critical vulnerability in Oracle Java SE (JAXP, which handles XML processing) affecting versions 6u151, 7u141, and 8u131 that allows attackers to take over systems through network access if users interact with untrusted code like Java Web Start applications (programs downloaded and run from the internet within a protected sandbox environment). The vulnerability has a CVSS score (severity rating) of 9.6 out of 10, meaning it is very serious.