pkg:maven/org.apache.commons/commons-configuration2
Type
maven
Namespace
org.apache.commons
Name
commons-configuration2
Known advisories, vulnerabilities and fixes for org.apache.commons/commons-configuration2 package.
Critical
2
Moderate
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 2.2, < 2.7 |
CVE-2020-1953
|
MAVEN:GHSA-7QX4-PP76-VRQH | Remote code execution in Apache Commons Configuration | critical |
2020-05-21T19:08:08
(4 years ago) |
|
Fixed | = 2.7 |
CVE-2020-1953
|
MAVEN:GHSA-7QX4-PP76-VRQH | Remote code execution in Apache Commons Configuration | critical |
2020-05-21T19:08:08
(4 years ago) |
|
Affected | >= 2.0, < 2.10.1 |
CVE-2024-29133
|
MAVEN:GHSA-9W38-P64V-XPMV | Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree | moderate |
2024-03-21T09:31:14
(5 months ago) |
|
Fixed | = 2.10.1 |
CVE-2024-29133
|
MAVEN:GHSA-9W38-P64V-XPMV | Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree | moderate |
2024-03-21T09:31:14
(5 months ago) |
|
Affected | >= 2.4, < 2.8.0 |
CVE-2022-33980
|
MAVEN:GHSA-XJ57-8QJ4-C4M6 | Code injection in Apache Commons Configuration | critical |
2022-07-07T00:00:26
(2 years ago) |
|
Fixed | = 2.8.0 |
CVE-2022-33980
|
MAVEN:GHSA-XJ57-8QJ4-C4M6 | Code injection in Apache Commons Configuration | critical |
2022-07-07T00:00:26
(2 years ago) |
|
Affected | >= 2.0, < 2.10.1 |
CVE-2024-29131
|
MAVEN:GHSA-XJP4-HW94-MVP5 | Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() | moderate |
2024-03-21T09:31:14
(5 months ago) |
|
Fixed | = 2.10.1 |
CVE-2024-29131
|
MAVEN:GHSA-XJP4-HW94-MVP5 | Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() | moderate |
2024-03-21T09:31:14
(5 months ago) |