CPE Details
Apache Software Foundation Commons Compress 1.7
1.7
2019-09-04
10h56 +00:00
10h56 +00:00
2021-10-06
10h19 +00:00
10h19 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:apache:commons_compress:1.7:*:*:*:*:*:*:*
Informations
Vendor
apacheProduct
commons_compressVersion
1.7Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. | 8.1 |
Haute |
||
| When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package. | 7.5 |
Haute |
||
| When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package. | 7.5 |
Haute |
||
| When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package. | 7.5 |
Haute |
||
| When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package. | 7.5 |
Haute |
2025©
tesweb SA
