​
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-2xg7-8qm4-vx87

Published

Last updated

https://images.chainguard.dev/security/CGA-2xg7-8qm4-vx87
Package

spdx-tools-java

Latest Update
Fixed
Fixed Version

1.1.8-r1

Aliases
  • CVE-2024-25710
  • GHSA-4g9r-vxhx-9pgx

Severity

8.1

High

CVSS V3

Summary

Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file

Description

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0.

Users are recommended to upgrade to version 1.26.0 which fixes the issue.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images