CVE-2022-21296: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supp
medium
vulnerability
security
Summary
A vulnerability in the JAXP component (a Java library for processing XML data) of Oracle Java SE and Oracle GraalVM Enterprise Edition allows an unauthenticated attacker on the network to read some data they shouldn't have access to. The vulnerability affects several older versions of Java and can be exploited through web services or untrusted code running in a Java sandbox (a restricted environment meant to safely run untrusted programs).
Vulnerability Details
CVSS Score
5.3 (medium)
EPSS (30-day exploit probability)
EPSS: 0.1%
Classification
Attack Sophistication: Moderate
Impact (CIA+S)
confidentiality
AI Component Targeted: Framework
Original source: https://nvd.nist.gov/vuln/detail/CVE-2022-21296
First tracked: February 15, 2026 at 08:43 PM
Classified by LLM (prompt v3) · confidence: 75%