14 matches found
EUVD-2021-1620
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-35515
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used ...
DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and Server
This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 7.19.23, 8.5.10, 8.9.2 of Confluence Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
RHEL 7 : apache-commons-compress (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive...
SUSE CVE-2021-35516
When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package...
Improper Handling of Length Parameter Inconsistency in Compress
When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package...
Excessive Iteration in Compress
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package...
CVE-2021-35515
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package...
DEBIAN-CVE-2021-35516
When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package...
CVE-2021-35515
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package...
UBUNTU-CVE-2021-35515
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package...
CVE-2021-35515
CVE-2021-35515 is an infinite-loop denial-of-service in Apache Commons Compress when reading a crafted 7Z archive. The issue arises during the construction of the codecs list used to decompress an entry, potentially consuming unbounded CPU and impacting services that rely on the sevenz package. C...
PT-2021-3993 · Atlassian +4 · Confluence +4
Name of the Vulnerable Software and Affected Versions: Apache Commons Compress versions prior to the fixed version Confluence Data Center versions from 7.19.23 through 8.9.3 Confluence Data Center versions from 8.5.10 through 8.5.11 Confluence Server versions from 7.19.23 through 7.19.24 Confluen...
PT-2021-3725 · Atlassian +4 · Confluence +4
Name of the Vulnerable Software and Affected Versions: Apache Commons Compress versions 1.19 through 1.21 Apache Commons Compress version 1.22 Confluence Data Center versions from 7.19.23 to 8.9.3 Confluence Data Center versions from 8.5.10 to 8.5.11 Confluence Server versions from 7.19.23 to...