Описание
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 1.18-3 |
| disco | ignored | end of life |
| eoan | not-affected | 1.18-3 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 1.18-3 |
| esm-apps/jammy | not-affected | 1.18-3 |
| esm-apps/noble | not-affected | 1.18-3 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.
The file name encoding algorithm used internally in Apache Commons Com ...
Уязвимость архиватора Apache Commons Compress, связанная с ошибками управления ресурсом, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5 Medium
CVSS2
7.5 High
CVSS3