CVE-2021-35517 — CVSS 7.5 (high): When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of…
CVE-2021-36090 — CVSS 7.5 (high): When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of…
CVE-2019-12402 — CVSS 7.5 (high): The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with…
CVE-2021-35515 — CVSS 7.5 (high): When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite…
CVE-2021-35516 — CVSS 7.5 (high): When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of…
CVE-2024-26308 — CVSS 5.5 (medium): Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress…
CVE-2018-11771 — CVSS 5.5 (medium): When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to…
CVE-2018-1324 — CVSS 5.5 (medium): A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the…
CVE-2023-42503 — CVSS 5.5 (medium): Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects…
CVE-2012-2098 — CVSS 5.0 (medium): Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons…