openrouteservice icon indicating copy to clipboard operation
openrouteservice copied to clipboard
verified publisher icon GIScience

CVE-2024-36114

Open joewragg opened this issue 1 year ago • 0 comments

Scope

pom.xml

Report Link

https://avd.aquasec.com/nvd/cve-2024-36114

Dependency affected

io.airlift:aircompressor (ors.jar)

Proposed solution / further info

Library Vulnerability Severity Status Installed Version Fixed Version Title
io.airlift:aircompressor (ors.jar) CVE-2024-36114 HIGH fixed 0.20 0.27 Decompressors can crash the JVM and leak memory content in Aircompressor https://avd.aquasec.com/nvd/cve-2024-36114

joewragg avatar Jun 25 '24 08:06 joewragg