pkg:maven/org.apache.commons/commons-compress
Type
maven
Namespace
org.apache.commons
Name
commons-compress
Known advisories, vulnerabilities and fixes for org.apache.commons/commons-compress package.
High
7
Moderate
4
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 1.21, < 1.26.0 |
CVE-2024-26308
|
MAVEN:GHSA-4265-CCF5-PHJ5 | Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file | high |
2024-02-19T09:30:52
(7 months ago) |
|
Fixed | = 1.26.0 |
CVE-2024-26308
|
MAVEN:GHSA-4265-CCF5-PHJ5 | Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file | high |
2024-02-19T09:30:52
(7 months ago) |
|
Affected | >= 1.3, < 1.26.0 |
CVE-2024-25710
|
MAVEN:GHSA-4G9R-VXHX-9PGX | Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file | high |
2024-02-19T09:30:50
(7 months ago) |
|
Fixed | = 1.26.0 |
CVE-2024-25710
|
MAVEN:GHSA-4G9R-VXHX-9PGX | Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file | high |
2024-02-19T09:30:50
(7 months ago) |
|
Affected | >= 1.15, < 1.19 = 1.18.1 |
CVE-2019-12402
|
MAVEN:GHSA-53X6-4X5P-RRVV | Denial of Service in Apache Commons Compress | high |
2019-10-11T18:41:08
(5 years ago) |
|
Fixed | = 1.19 |
CVE-2019-12402
|
MAVEN:GHSA-53X6-4X5P-RRVV | Denial of Service in Apache Commons Compress | high |
2019-10-11T18:41:08
(5 years ago) |
|
Affected | < 1.4.1 |
CVE-2012-2098
|
MAVEN:GHSA-6FXM-66HQ-FC96 | Uncontrolled Resource Consumption in Apache Commons Compress | moderate |
2022-05-13T01:07:05
(2 years ago) |
|
Fixed | = 1.4.1 |
CVE-2012-2098
|
MAVEN:GHSA-6FXM-66HQ-FC96 | Uncontrolled Resource Consumption in Apache Commons Compress | moderate |
2022-05-13T01:07:05
(2 years ago) |
|
Affected | < 1.21 |
CVE-2021-35515
|
MAVEN:GHSA-7HFM-57QF-J43Q | Excessive Iteration in Compress | high |
2021-08-02T16:55:07
(3 years ago) |
|
Fixed | = 1.21 |
CVE-2021-35515
|
MAVEN:GHSA-7HFM-57QF-J43Q | Excessive Iteration in Compress | high |
2021-08-02T16:55:07
(3 years ago) |
|
Affected | >= 1.22, < 1.24.0 |
CVE-2023-42503
|
MAVEN:GHSA-CGWF-W82Q-5JRR | Apache Commons Compress denial of service vulnerability | moderate |
2023-09-14T09:30:28
(12 months ago) |
|
Fixed | = 1.24.0 |
CVE-2023-42503
|
MAVEN:GHSA-CGWF-W82Q-5JRR | Apache Commons Compress denial of service vulnerability | moderate |
2023-09-14T09:30:28
(12 months ago) |
|
Affected | < 1.21 |
CVE-2021-35516
|
MAVEN:GHSA-CRV7-7245-F45F | Improper Handling of Length Parameter Inconsistency in Compress | high |
2021-08-02T16:55:15
(3 years ago) |
|
Fixed | = 1.21 |
CVE-2021-35516
|
MAVEN:GHSA-CRV7-7245-F45F | Improper Handling of Length Parameter Inconsistency in Compress | high |
2021-08-02T16:55:15
(3 years ago) |
|
Affected | >= 1.11, < 1.16 = 1.12 |
CVE-2018-1324
|
MAVEN:GHSA-H436-432X-8FVX | Apache Commons Compress vulnerable to denial of service due to infinite loop | moderate |
2019-03-14T15:41:12
(5 years ago) |
|
Fixed | = 1.16 |
CVE-2018-1324
|
MAVEN:GHSA-H436-432X-8FVX | Apache Commons Compress vulnerable to denial of service due to infinite loop | moderate |
2019-03-14T15:41:12
(5 years ago) |
|
Affected | < 1.18 |
CVE-2018-11771
|
MAVEN:GHSA-HRMR-F5M6-M9PQ | Moderate severity vulnerability that affects org.apache.commons:commons-compress | moderate |
2018-10-19T16:41:27
(5 years ago) |
|
Fixed | = 1.18 |
CVE-2018-11771
|
MAVEN:GHSA-HRMR-F5M6-M9PQ | Moderate severity vulnerability that affects org.apache.commons:commons-compress | moderate |
2018-10-19T16:41:27
(5 years ago) |
|
Affected | < 1.21 |
CVE-2021-36090
|
MAVEN:GHSA-MC84-PJ99-Q6HH | Improper Handling of Length Parameter Inconsistency in Compress | high |
2021-08-02T16:55:53
(3 years ago) |
|
Fixed | = 1.21 |
CVE-2021-36090
|
MAVEN:GHSA-MC84-PJ99-Q6HH | Improper Handling of Length Parameter Inconsistency in Compress | high |
2021-08-02T16:55:53
(3 years ago) |
|
Affected | < 1.21 |
CVE-2021-35517
|
MAVEN:GHSA-XQFJ-VM6H-2X34 | Improper Handling of Length Parameter Inconsistency in Compress | high |
2021-08-02T16:55:39
(3 years ago) |
|
Fixed | = 1.21 |
CVE-2021-35517
|
MAVEN:GHSA-XQFJ-VM6H-2X34 | Improper Handling of Length Parameter Inconsistency in Compress | high |
2021-08-02T16:55:39
(3 years ago) |