CVE-2024-47554 in <version.commons-io>2.11.0 -> update to at least 2.14

Open paulmhh opened this issue 8 months ago • 1 comments

commons-io 2.11 has "Uncontrolled Resource Consumption vulnerability" in org.apache.commons.io.input.XmlStreamReader

see: https://mvnrepository.com/artifact/commons-io/commons-io/2.11.0 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47554

Please consider updating to at least 2.14.

paulmhh, Mar 21 '25 12:03

This was implemented with https://github.com/itplr-kosit/validator/commit/4ce8f4de58d4611bada6c0391f3cb07e1c8e2c90

phax, Apr 09 '25 17:04

Included in release 1.5.2. Thx for reporting.

rkottmann, Aug 29 '25 15:08