The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2019-08-29T00:00:00
Updated: 2023-08-18T13:06:40.207792
Reserved: 2019-05-28T00:00:00
Link: CVE-2019-12402
JSON object: View
NVD Information
Status : Modified
Published: 2019-08-30T09:15:17.910
Modified: 2023-11-07T03:03:33.297
Link: CVE-2019-12402
JSON object: View
Redhat Information
No data.
CWE