QwikSec

Security Database

CVE

CWE

Training

CVE-2012-2098

Published: Jun 29, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2013-5548

vendor-advisory

apache-commons-ant-bzip2-dos(75857)

vdb-entry

FEDORA-2012-8428

vendor-advisory

20120523 [CVE-2012-2098] Apache Commons Compress and Apache Ant denial of service vulnerability

mailing-list

vdb-entry

vdb-entry

vdb-entry

third-party-advisory

FEDORA-2012-8465

vendor-advisory

third-party-advisory

FEDORA-2013-5546

vendor-advisory

[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1

mailing-list

http://commons.apache.org/compress/security.html

http://www-01.ibm.com/support/docview.wss?uid=swg21644047

http://packetstormsecurity.org/files/113014/Apache-Commons-Compress-Apache-Ant-Denial-Of-Service.html

http://ant.apache.org/security.html

https://www.oracle.com/security-alerts/cpujan2021.html

[oss-security] 20230913 CVE-2023-42503: Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.