NotCVE - vendor:"Apache Software Foundation" product:"Apache Commons Configuration"

3 results (0.002 seconds)

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-46392 – Apache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x

https://notcve.org/view.php?id=CVE-2025-46392

09 May 2025 — Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuration team does not intend to fix these issues in 1.x. Apache Commons Configuration 1.x is still safe to use in scenario's where you only load trusted configurations. Users that load untrusted configurations or give att... • https://lists.apache.org/thread/y1pl0mn3opz6kwkm873zshjdxq3dwq5s • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-29131 – Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

https://notcve.org/view.php?id=CVE-2024-29131

21 Mar 2024 — Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. Vulnerabilidad de escritura fuera de los límites en la configuración de Apache Commons. Este problema afecta a la configuración de Apache Commons: desde 2.0 antes de 2.10.1. Se recomienda a los usuarios actualizar a la versión 2.10.1, que soluciona el problema. • http://www.openwall.com/lists/oss-security/2024/03/20/4 • CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-29133 – Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

https://notcve.org/view.php?id=CVE-2024-29133