Vulnerabilities

 1 via 2 paths

Dependencies

 14

Source

 GitHub

Commit

 3c39f5de

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Severity
  • 1
Status
  • 1
  • 0
  • 0

high severity

Uncontrolled Recursion

  • Vulnerable module: org.apache.commons:commons-lang3
  • Introduced through: org.apache.commons:commons-compress@1.27.1 and org.apache.poi:poi-ooxml@5.4.1

Detailed paths

  • Introduced through: adaptris/interlok-excel@adaptris/interlok-excel#3c39f5de8b60fc3a2ab792d140005ffef13c5ca5 org.apache.commons:commons-compress@1.27.1 org.apache.commons:commons-lang3@3.16.0
    Remediation: Upgrade to org.apache.commons:commons-compress@1.28.0.
  • Introduced through: adaptris/interlok-excel@adaptris/interlok-excel#3c39f5de8b60fc3a2ab792d140005ffef13c5ca5 org.apache.poi:poi-ooxml@5.4.1 org.apache.commons:commons-compress@1.27.1 org.apache.commons:commons-lang3@3.16.0

Overview

Affected versions of this package are vulnerable to Uncontrolled Recursion via the ClassUtils.getClass function. An attacker can cause the application to terminate unexpectedly by providing excessively long input values.

Remediation

Upgrade org.apache.commons:commons-lang3 to version 3.18.0 or higher.

References

Uncontrolled Recursion vulnerability report