/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-q356-rvff-6v4f

Published

Last updated

https://images.chainguard.dev/security/CGA-q356-rvff-6v4f
Package

zaproxy

Repository

Chainguard

Latest Update
Fix not planned
Aliases
  • CVE-2025-46392
  • GHSA-pvp8-3xj6-8c6x

Severity

Unknown

References

  • https://nvd.nist.gov/vuln/detail/CVE-2025-46392
  • https://github.com/advisories/GHSA-pvp8-3xj6-8c6x

Updates

Status

Fix not planned

Impact

There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuration team does not intend to fix these issues in 1.x. Apache Commons Configuration 1.x is still safe to use in scenarios where you only load trusted configurations.

Status

Under investigation

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal