Описание
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libcommons-compress-java | fixed | 1.27.1-1 | package | |
| libcommons-compress-java | no-dsa | bookworm | package | |
| libcommons-compress-java | no-dsa | bullseye | package | |
| libcommons-compress-java | no-dsa | buster | package |
Примечания
https://www.openwall.com/lists/oss-security/2024/02/19/1
Related to and fixed by https://issues.apache.org/jira/browse/COMPRESS-632
https://github.com/apache/commons-compress/commit/8a9a5847c04ae39a1d45b365f8bb82022466067d (commons-compress-1.26.0-RC1)
Связанные уязвимости
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file