Lucene search

K
ApacheCommons Configuration*

5 matches found

CVE
CVE
added 2022/07/06 1:15 p.m.436 views

CVE-2022-33980

Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the ...

9.8CVSS9.5AI score0.87662EPSS
CVE
CVE
added 2024/03/21 9:15 a.m.278 views

CVE-2024-29131

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.

7.3CVSS5.8AI score0.00149EPSS
CVE
CVE
added 2024/03/21 9:15 a.m.252 views

CVE-2024-29133

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.

5.4CVSS5.8AI score0.00375EPSS
CVE
CVE
added 2020/03/13 3:15 p.m.174 views

CVE-2020-1953

Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the default settings of this library. So if a YAML f...

10CVSS9.3AI score0.02732EPSS
CVE
CVE
added 2025/05/09 10:15 a.m.98 views

CVE-2025-46392

Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuration ...

6.5CVSS6.6AI score0.00117EPSS