CVE-2025-46392
- EPSS 0.09%
- Published 09.05.2025 09:34:38
- Last modified 16.07.2025 14:52:25
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected...
CVE-2024-29131
- EPSS 0.2%
- Published 21.03.2024 09:15:07
- Last modified 01.05.2025 19:13:04
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.
CVE-2024-29133
- EPSS 0.51%
- Published 21.03.2024 09:15:07
- Last modified 01.05.2025 19:12:24
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.
CVE-2022-33980
- EPSS 87.66%
- Published 06.07.2022 13:15:09
- Last modified 21.11.2024 07:08:42
Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons....
- EPSS 2.73%
- Published 13.03.2020 15:15:11
- Last modified 21.11.2024 05:11:43
Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the...