3 matches found
br.net.woodstock.rockframework:rockframework-core (>=1.2.1 <=1.2.4), com.day.cq.dam:cq-dam-commons (>=5.4.0 <=5.5.0) +84 more potentially affected by CVE-2018-17202 via org.apache.sanselan:sanselan (=0.97-incubator)
org.apache.sanselan:sanselan MAVEN version =0.97-incubator is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.sanselan:sanselan and may be impacted: - br.net.woodstock.rockframework:rockframework-core =1.2.1, =5.4.0, =0.3.11, =2.0.0-alpha,...
CVE-2018-17202
Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
CVE-2018-17202
CVE-2018-17202 affects Apache Sanselan (incubating), later renamed Apache Commons Imaging. The issue is an infinite-loop DoS triggered when parsing certain input files, leading to potential denial of service. Supported by multiple connected records (Red Hat, Veracode, GHSA, OSV, CVE/NVD) that des...