15 matches found
CVE-2018-17202
Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
br.net.woodstock.rockframework:rockframework-core (>=1.2.1 <=1.2.4), com.day.cq.dam:cq-dam-commons (>=5.4.0 <=5.5.0) +84 more potentially affected by CVE-2018-17201 via org.apache.sanselan:sanselan (=0.97-incubator)
org.apache.sanselan:sanselan MAVEN version =0.97-incubator is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.sanselan:sanselan and may be impacted: - br.net.woodstock.rockframework:rockframework-core =1.2.1, =5.4.0, =0.3.11, =2.0.0-alpha,...
Improper Input Validation in Apache Sanselan
Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
GHSA-RJX9-2936-9FFX Improper Input Validation in Apache Sanselan
Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
br.net.woodstock.rockframework:rockframework-core (>=1.2.1 <=1.2.4), com.day.cq.dam:cq-dam-commons (>=5.4.0 <=5.5.0) +84 more potentially affected by CVE-2018-17202 via org.apache.sanselan:sanselan (=0.97-incubator)
org.apache.sanselan:sanselan MAVEN version =0.97-incubator is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.sanselan:sanselan and may be impacted: - br.net.woodstock.rockframework:rockframework-core =1.2.1, =5.4.0, =0.3.11, =2.0.0-alpha,...
GHSA-G99M-3M46-4GM9 Infinite Loop in Apache Sanselan
Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
Infinite Loop in Apache Sanselan
Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
CVE-2018-17201
Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
Code injection
Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
CVE-2018-17202
Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
Code injection
Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
CVE-2018-17202
CVE-2018-17202 affects Apache Sanselan (incubating), later renamed Apache Commons Imaging. The issue is an infinite-loop DoS triggered when parsing certain input files, leading to potential denial of service. Supported by multiple connected records (Red Hat, Veracode, GHSA, OSV, CVE/NVD) that des...
CVE-2018-17202
Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
CVE-2018-17201
Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan incubating was renamed to Apache Commons Imaging...
CVE-2018-17201
CVE-2018-17201 arises from DoS via crafted input files when parsed by Apache Sanselan (0.97-incubator), now Apache Commons Imaging. The code hang leads to partial availability impact as described in NVD metrics; affected component is the image parsing library. Several connected records reiterate ...