A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator(). This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that triggers an out-of-bounds write issue when processed by the vulnerable method.
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
bugzilla.redhat.com/show_bug.cgi?id=2270674
github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554
github.com/apache/commons-configuration/commit/7d7d399d0598cb0ca5f81891de34694178156dab
issues.apache.org/jira/browse/CONFIGURATION-840
nvd.nist.gov/vuln/detail/CVE-2024-29131
www.cve.org/CVERecord?id=CVE-2024-29131