​
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-gr35-gp4q-q78f

Published

Last updated

https://images.chainguard.dev/security/CGA-gr35-gp4q-q78f
Package

gradle-8

Latest Update
Fixed
Fixed Version

8.7.0-r1

Aliases
  • CVE-2024-25710
  • GHSA-4g9r-vxhx-9pgx

Severity

8.1

High

CVSS V3

Summary

Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file

Description

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0.

Users are recommended to upgrade to version 1.26.0 which fixes the issue.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images