CVE-2024-25710: Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file

CVE-2024-25710: Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file

Open Source Security [[{„value“:“

Posted by Gary D. Gregory on Feb 19

Severity: important

Affected versions:

– Apache Commons Compress 1.3 through 1.25.0

Description:

Loop with Unreachable Exit Condition (‚Infinite Loop‘) vulnerability in Apache Commons Compress.This issue affects
Apache Commons Compress: from 1.3 through 1.25.0.

Users are recommended to upgrade to version 1.26.0 which fixes the issue.

Credit:

Yakov Shafranovich, Amazon Web Services (reporter)

References:…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert