Vulnerability report for isuru89/oasis

Vulnerabilities	1 via 1 paths
Dependencies	4
Source	GitHub
Commit	fb35c677

Vulnerabilities

1 via 1 paths

Dependencies

Source

GitHub

Commit

fb35c677

high severity

Uncontrolled Recursion

Vulnerable module: org.apache.commons:commons-lang3
Introduced through: org.apache.commons:commons-lang3@3.13.0

Detailed paths

Introduced through: isuru89/oasis@isuru89/oasis#fb35c6775825bead941693bc2c83a81a24f7098c › org.apache.commons:commons-lang3@3.13.0

Remediation: Upgrade to org.apache.commons:commons-lang3@3.18.0.

Overview

Affected versions of this package are vulnerable to Uncontrolled Recursion via the ClassUtils.getClass function. An attacker can cause the application to terminate unexpectedly by providing excessively long input values.

Remediation

Upgrade org.apache.commons:commons-lang3 to version 3.18.0 or higher.

References

Apache Pony Mail
GitHub Commit

Uncontrolled Recursion vulnerability report