Path to dependency file: /tmp/ws-scm/proctor/coverage-report/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/ant/ant/1.8.2/ant-1.8.2.jar,canner/.m2/repository/org/apache/ant/ant/1.8.2/ant-1.8.2.jar
Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.
CVE-2012-2098 - Medium Severity Vulnerability
Vulnerable Library - ant-1.8.2.jar
master POM
Path to dependency file: /tmp/ws-scm/proctor/coverage-report/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/ant/ant/1.8.2/ant-1.8.2.jar,canner/.m2/repository/org/apache/ant/ant/1.8.2/ant-1.8.2.jar
Dependency Hierarchy: - :x: **ant-1.8.2.jar** (Vulnerable Library)
Found in HEAD commit: 151dc45fc7c1c05aedd4f218e9bc0cced914ed1c
Vulnerability Details
Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.
Publish Date: 2012-06-29
URL: CVE-2012-2098
CVSS 2 Score Details (5.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098
Release Date: 2012-06-29
Fix Resolution: org.apache.ant:ant:1.8.4,org.apache.commons:commons-compress:1.4.1
:rescue_worker_helmet: Automatic Remediation is available for this issue