Lucene search
Veracode Vulnerability DatabaseVERACODE:45972HistoryMar 22, 2024 - 6:49 a.m.
Out-of-Bounds Write
2024-03-2206:49:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
apache commons configuration
out-of-bounds write
abstractlistdelimiterhandler
denial of service
Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper iterator handling within the AbstractListDelimiterHandler.flattenIterator() method, which can result in Denial of Service if crafted input is passed to the method.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache commons configuration | le | 2.10.0 | |
| apache commons configuration | le | 2.10.0 |
References
www.openwall.com/lists/oss-security/2024/03/20/4
github.com/advisories/GHSA-xjp4-hw94-mvp5
github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554
lists.apache.org/thread/03nzzzjn4oknyw5y0871tw7ltj0t3r37
lists.fedoraproject.org/archives/list/[email protected]/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7/
lists.fedoraproject.org/archives/list/[email protected]/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS/
Related
github
github
cnvd
cnvd
Apache Commons Configuration Out-of-Bounds Write Vulnerability
2024-03-26 00:00:00
osv
osv
cvelist
cvelist
cve
cve
CVE-2024-29131
2024-03-21 09:15:07
cgr
cgr
CVE-2024-29131 vulnerabilities
2024-05-19 03:07:16
debiancve
debiancve
CVE-2024-29131
2024-03-21 09:15:07
redhatcve
redhatcve
CVE-2024-29131
2024-03-21 12:16:07
wolfi
wolfi
CVE-2024-29131 vulnerabilities
2024-06-02 22:01:16
openvas
openvas
Apache Commons Configuration 2.0.x < 2.10.1 Multiple Vulnerabilities
2024-03-21 00:00:00
Fedora: Security Advisory for apache-commons-configuration (FEDORA-2024-fa7b758114)
2024-04-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1365-1)
2024-05-07 00:00:00
nessus
nessus
Fedora 40 : apache-commons-configuration (2024-c673517dce)
2024-04-29 00:00:00
Fedora 39 : apache-commons-configuration (2024-fa7b758114)
2024-03-30 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: apache-commons-configuration-2.10.1-1.fc40
2024-03-29 04:11:00
[SECURITY] Fedora 39 Update: apache-commons-configuration-2.10.1-1.fc39
2024-03-30 01:10:55
ibm
ibm
redhat
redhat