You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.
To resolve this issue - upgrade to version 4.3. Please note: the package name was changed to org.apache.commons:commons-collections4 on version 4.0.
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: NONE Availability impact: HIGH
The text was updated successfully, but these errors were encountered:
Checkmarx (SCA): Vulnerable Package
Vulnerability: Read More about Cx78f40514-81ff
Checkmarx Project: jerp1979/java-faker
Repository URL: https:/jerp1979/java-faker
Branch: master
Scan ID: 8f3fa71f-fe46-4bc8-9378-781a0403538e
The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function
add()
in the filesrc/main/java/org/apache/commons/collections4/list/SetUniqueList.java
throws a StackOverflowError when theadd()
method is called with its own list.To resolve this issue - upgrade to version 4.3. Please note: the package name was changed to org.apache.commons:commons-collections4 on version 4.0.
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
The text was updated successfully, but these errors were encountered: