CVE-2025-46392
- EPSS 0.09%
- Veröffentlicht 09.05.2025 09:34:38
- Zuletzt bearbeitet 16.07.2025 14:52:25
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected...
CVE-2024-29131
- EPSS 0.2%
- Veröffentlicht 21.03.2024 09:15:07
- Zuletzt bearbeitet 01.05.2025 19:13:04
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.
CVE-2024-29133
- EPSS 0.51%
- Veröffentlicht 21.03.2024 09:15:07
- Zuletzt bearbeitet 01.05.2025 19:12:24
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.
CVE-2022-33980
- EPSS 87.66%
- Veröffentlicht 06.07.2022 13:15:09
- Zuletzt bearbeitet 21.11.2024 07:08:42
Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons....
- EPSS 2.73%
- Veröffentlicht 13.03.2020 15:15:11
- Zuletzt bearbeitet 21.11.2024 05:11:43
Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the...