Uploaded image for project: 'Commons Imaging'
  1. Commons Imaging
  2. IMAGING-343

Apache Commons Imaging 0.97 - CVE-2018-17202

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 0.97
    • 1.0-alpha1
    • None
    • None

    Description

      Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.

       

      See https://nvd.nist.gov/vuln/detail/CVE-2018-17202 for more details.

       

      There is Apache Commons Imaging 1.0-alpha3 version available.. but we are trying to understand if a new GA will be made available and also to see if this specific CVE is addressed in the latest versions ?

       

      Please help

      Attachments

        Activity

          People

            Unassigned Unassigned
            somasaninikhil Nikhil
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: