2 matches found
The vulnerabilities of the CompressorStreamFactory, TarArchiveInputStream, and TarFile classes in the Apache Commons Compress library allow an attacker to trigger a service failure.
The vulnerabilities of the CompressorStreamFactory, TarArchiveInputStream, and TarFile classes in the Apache Commons Compress library are related to uncontrolled resource consumption due to insufficient validation of input data during the processing of TAR archive headers. Exploiting these...
CVE-2023-42503 Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing. This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...