Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper iterator handling within the AbstractListDelimiterHandler.flattenIterator()
method, which can result in Denial of Service if crafted input is passed to the method.
CPE | Name | Operator | Version |
---|---|---|---|
apache commons configuration | le | 2.10.0 | |
apache commons configuration | le | 2.10.0 |
www.openwall.com/lists/oss-security/2024/03/20/4
github.com/advisories/GHSA-xjp4-hw94-mvp5
github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554
lists.apache.org/thread/03nzzzjn4oknyw5y0871tw7ltj0t3r37
lists.fedoraproject.org/archives/list/[email protected]/message/SNKDKEEKZNL5FGCTZKJ6CFXFVWFL5FJ7/
lists.fedoraproject.org/archives/list/[email protected]/message/YD4AFTIIQW662LUAQRMWS6BBKYSZG3YS/