CVE-2024-26308

Опубликовано: 19 фев. 2024

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26.

Users are recommended to upgrade to version 1.26, which fixes the issue.

Ссылки

http://www.openwall.com/lists/oss-security/2024/02/19/2
Mailing List
Third Party Advisory
https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg
Vendor Advisory
https://security.netapp.com/advisory/ntap-20240307-0009/
Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/02/19/2
Mailing List
Third Party Advisory
https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg
Vendor Advisory
https://security.netapp.com/advisory/ntap-20240307-0009/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:commons_compress:*:*:*:*:*:*:*:*

Версия от 1.21 (включая) до 1.26.0 (исключая)

EPSS

Процентиль: 63%

0.00448

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-770

Связанные уязвимости

CVE-2024-26308

CVSS3: 5.5

ubuntu

почти 2 года назад

Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.

CVE-2024-26308

CVSS3: 5.5

redhat

почти 2 года назад

CVE-2024-26308

msrc

5 месяцев назад

Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file

CVE-2024-26308

CVSS3: 5.5

debian

почти 2 года назад

Allocation of Resources Without Limits or Throttling vulnerability in ...

GHSA-4265-ccf5-phj5

CVSS3: 5.5

github

почти 2 года назад

Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file

EPSS

Процентиль: 63%

0.00448

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-770