commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flattenObject, int with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a...

commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator. This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that...

Security Bulletin: Multiple vulnerabilities reported in YAJSW service shipped in IBM WebSphere eXtreme Scale Liberty Deployment

Summary YAJSW service is used for registering XSLD services with operating system. Vulnerabilities CVE-2024-29131 and CVE-2024-29133 are reported on commons-configuration2-2.8.0.jar used in YAJSW package. Vulnerability Details CVEID:CVE-2024-29131 DESCRIPTION: Apache Commons Configuration could...

Fedora 40 : apache-commons-configuration (2024-c673517dce)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c673517dce advisory. This update contains security fixes for CVE-2024-29131 and CVE-2024-29133. See...

openSUSE Security Advisory (SUSE-SU-2024:1377-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache-commons-configuration (SUSE-SU-2024:1377-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1377-1 advisory. - Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache...

SUSE-SU-2024:1377-1 Security update for apache-commons-configuration

This update for apache-commons-configuration fixes the following issues: - CVE-2024-29131: Fixed StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator bsc1221797. - CVE-2024-29133: Fixed StackOverflowError calling ListDelimiterHandler.flattenObject, int with a cyclica...

SUSE-SU-2024:1365-1 Security update for apache-commons-configuration2

This update for apache-commons-configuration2 fixes the following issues: - CVE-2024-29131: Fixed StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator bsc1221797. - CVE-2024-29133: Fixed StackOverflowError calling ListDelimiterHandler.flattenObject, int with a cyclic...

PT-2024-40697 · Apache · Apache Commons Configuration2

Name of the Vulnerable Software and Affected Versions: Apache Commons Configuration2 affected versions not specified Description: The issue is related to a security exception in the org.apache.commons.configuration2 package. Specifically, the problem occurs in the...

Fedora: Security Advisory (FEDORA-2024-c673517dce)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-fa7b758114)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the ListDelimiterHandler.flatten function in the Apache Commons Configuration library allows a attacker to execute arbitrary code.

The vulnerability of the ListDelimiterHandler.flatten function in the Apache Commons Configuration library is related to memory buffer overflows. Exploitation of this vulnerability could allow an attacker to execute arbitrary code using specially created data...

The vulnerability of the AbstractListDelimiterHandler.flattenIterator() function in the Apache Commons Configuration library allows a hacker to execute arbitrary code.

The vulnerability of the AbstractListDelimiterHandler.flattenIterator function in the Apache Commons Configuration library is related to memory overflow beyond buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially created data...

Fedora 39 : apache-commons-configuration (2024-fa7b758114)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-fa7b758114 advisory. This update contains security fixes for CVE-2024-29131 and CVE-2024-29133. See...

[SECURITY] Fedora 40 Update: apache-commons-configuration-2.10.1-1.fc40

The Commons Configuration software library provides a generic configuration interface which enables a Java application to read configuration data from a variety of sources. Commons Configuration provides typed access to single, and multi-valued configuration parameters as demonstrated by the...

Apache Commons Configuration Out-of-Bounds Write Vulnerability (CNVD-2024-16109)

Apache Commons Configuration is the United States Apache Apache Foundation , a common configuration interface , it is mainly used to enable Java applications to read configuration data from a variety of sources . An out-of-bounds write vulnerability exists in Apache Commons Configuration versions...

Apache Commons Configuration Out-of-Bounds Write Vulnerability

Apache Commons Configuration is the United States Apache Apache Foundation , a common configuration interface , it is mainly used to enable Java applications to read configuration data from a variety of sources . An out-of-bounds write vulnerability exists in Apache Commons Configuration versions...

Out-of-Bounds Write

Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper iterator handling within the AbstractListDelimiterHandler.flattenIterator method, which can result in Denial of Service if crafted input is passed to the method...

Out-of-Bounds Write

Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper handling of a cyclical object tree, which can trigger a StackOverflowError when the ListDelimiterHandler.flatten method is called. This occurs because the method recursively traverses the objec...

SUSE CVE-2024-29131

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue...