Vulnerability report for apache/shardingsphere

Vulnerabilities	1 via 1 paths
Dependencies	12
Source	GitHub
Commit	45ecfd29

Vulnerabilities

1 via 1 paths

Dependencies

Source

GitHub

Commit

45ecfd29

high severity

new

Uncontrolled Recursion

Vulnerable module: org.apache.commons:commons-lang3
Introduced through: org.apache.commons:commons-lang3@3.15.0

Detailed paths

Introduced through: apache/shardingsphere@apache/shardingsphere#45ecfd29d02ce47852a795de2842beac817c5c0e › org.apache.commons:commons-lang3@3.15.0

Remediation: Upgrade to org.apache.commons:commons-lang3@3.18.0.

Overview

Affected versions of this package are vulnerable to Uncontrolled Recursion via the ClassUtils.getClass function. An attacker can cause the application to terminate unexpectedly by providing excessively long input values.

Remediation

Upgrade org.apache.commons:commons-lang3 to version 3.18.0 or higher.

References

Apache Pony Mail
GitHub Commit

Uncontrolled Recursion vulnerability report