Published: 29/06/2012 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress prior to 1.4.1 allows remote malicious users to cause a denial of service (CPU consumption) via a file with many repeating inputs.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache commons compress

Debian Bug report logs - #674448 CVE-2012-2098 Package: libcommons-compress-java; Maintainer for libcommons-compress-java is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Source for libcommons-compress-java is src:libcommons-compress-java (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm ...

Debian Bug report logs - #1052065 libcommons-compress-java: CVE-2023-42503 Package: src:libcommons-compress-java; Maintainer for src:libcommons-compress-java is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 16 Sep 2023 20:51:01 ...

Binary Executables for Clojure (deps.edn)

clj-bin A fork of lein-binplus for depsedn Produces standalone console executables that work on OS X, Linux, and Windows It basically just takes your uberjar and stuffs it in another file with some fancy magical execution stuff TODO: Update Docs ⚠️ Below this point are still the old leiningen docs If you need a quick example, see here for now Latest version Usage This

A Leiningen plugin for producing standalone console executables that work on OS X, Linux, and Windows.

lein-binplus A Leiningen plugin for producing standalone console executables that work on OS X, Linux, and Windows It basically just takes your uberjar and stuffs it in another file with some fancy magical execution stuff NOTE: This is a fork of Raynes/lein-bin with the addition of several bug-fixes and improvements Sadly, @Raynes passed away last December (2016) therefore I

CWE-310 http://secunia.com/advisories/49255 http://ant.apache.org/security.html http://commons.apache.org/compress/security.html http://www.securitytracker.com/id?1027096 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081746.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081697.html http://packetstormsecurity.org/files/113014/Apache-Commons-Compress-Apache-Ant-Denial-Of-Service.html http://www.securityfocus.com/bid/53676 http://osvdb.org/82161 http://archives.neohapsis.com/archives/bugtraq/2012-05/0130.html http://secunia.com/advisories/49286 http://www-01.ibm.com/support/docview.wss?uid=swg21644047 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105060.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105049.html https://exchange.xforce.ibmcloud.com/vulnerabilities/75857 https://www.oracle.com/security-alerts/cpujan2021.html http://www.openwall.com/lists/oss-security/2023/09/13/3 https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674448 https://github.com/markus-wa/clj-bin

CVE-2012-2098

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect