lists.apache.org
Open in
urlscan Pro
135.181.41.184
Public Scan
Submitted URL: http://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf
Effective URL: https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf
Submission: On February 27 via api from IL — Scanned from FI
Effective URL: https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf
Submission: On February 27 via api from IL — Scanned from FI
Form analysis 0 forms found in the DOM
Text Content
* Email display mode:
--------------------------------------------------------------------------------
Modern rendering
Legacy rendering
* * Log In
This site requires JavaScript enabled. Please enable it.
CVE-2024-25710: APACHE COMMONS COMPRESS: DENIAL OF SERVICE CAUSED BY AN INFINITE
LOOP FOR A CORRUPTED DUMP FILE
Posted to user@commons.apache.org
Gary D. Gregory - Monday, February 19, 2024 3:25:47 AM GMT+2
Severity: important
Affected versions:
- Apache Commons Compress 1.3 through 1.25.0
Description:
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0.
Users are recommended to upgrade to version 1.26.0 which fixes the issue.
Credit:
Yakov Shafranovich, Amazon Web Services (reporter)
References:
https://commons.apache.org/
https://www.cve.org/CVERecord?id=CVE-2024-25710
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org
Powered by Apache Pony Mail (Foal v/1.0.1 ~952d7f7). For data privacy requests,
please contact: privacy@apache.org. For questions about this service, please
contact: users@infra.apache.org.
LOADING, PLEASE WAIT..