redhatcve | Redhat.com | RH:CVE-2024-29131
Mar 21, 2024 - 12:16 p.m.

CVE-2024-29131

2024-03-21 12:16:07
redhat.com
access.redhat.com
apache commons-configuration
stack overflow error
memory corruption
denial of service

AI Score: 6.7 Medium (Confidence: High)

EPSS: 0.0004 Low (Percentile: 15.5%)

A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator(). This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting a malicious property that triggers an out-of-bounds write issue when processed by the vulnerable method.

Mitigation

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.