8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.9%
org.apache.commons: commons-compress is vulnerable to Denial Of Service. The vulnerability is due to an infinite loop when parsing dump files, which allows an attacker to inject crafted values to cause Denial of Service (DoS).
CPE | Name | Operator | Version |
---|---|---|---|
apache commons compress | le | 1.25.0 | |
apache commons compress | le | 1.25.0 |
8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.9%