/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-q356-rvff-6v4f

Published

Last updated

https://images.chainguard.dev/security/CGA-q356-rvff-6v4f
Package

zaproxy

Repository

Chainguard

Latest Update
Fix not planned
Aliases
  • CVE-2025-46392
  • GHSA-pvp8-3xj6-8c6x

Severity

Unknown

References

  • https://nvd.nist.gov/vuln/detail/CVE-2025-46392

Updates

Status

Fix not planned

Impact

There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuration team does not intend to fix these issues in 1.x. Apache Commons Configuration 1.x is still safe to use in scenarios where you only load trusted configurations.

Status

Under investigation


Safe Source for Open Sourceâ„¢
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing