All vulnerabilities
CVE-2024-26308
Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file
Description
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.21 before 1.26.
Users are recommended to upgrade to version 1.26, which fixes the issue.
Patch Available
Fix available through Seal Security.
No upgrade required, protect your application instantly.
Fix without upgrading
Score
5.5
Severity
Medium
Ecosystem
Java
Publish Date
February 19, 2024
Modified Date
February 3, 2026
Score Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Versions
