oss-sec mailing list archives
CVE-2024-29133: Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
From: "Gary D. Gregory" <ggregory () apache org>
Date: Wed, 20 Mar 2024 21:53:35 +0000
Severity: low Affected versions: - Apache Commons Configuration 2.0 before 2.10.1 Description: Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. This issue is being tracked as CONFIGURATION-841 Credit: Gary Gregory (finder) References: https://commons.apache.org/ https://www.cve.org/CVERecord?id=CVE-2024-29133 https://issues.apache.org/jira/browse/CONFIGURATION-841
Current thread:
- CVE-2024-29133: Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree Gary D. Gregory (Mar 20)