shaundmorris / ddf

The Distributed Data Framework

CVE-2012-2098 Medium Severity Vulnerability detected by WhiteSource #1014

Closed mend-bolt-for-github[bot] closed 4 years ago

mend-bolt-for-github[bot] commented 5 years ago

CVE-2012-2098 - Medium Severity Vulnerability

Vulnerable Library - ant-1.8.2.jar

master POM

path:
- /ddf/distribution/kernel/target/dependencies/solr/dist/test-framework/lib/ant-1.8.2.jar
- /ddf/distribution/ddf/target/dependencies/solr/dist/test-framework/lib/ant-1.8.2.jar
- /ddf/distribution/solr-distro/target/solr-7.4.0/dist/test-framework/lib/ant-1.8.2.jar

Library home page: http://ant.apache.org/ant/

Dependency Hierarchy:
- **ant-1.8.2.jar** (Vulnerable Library)

Found in HEAD commit: ea35fc52f05b85ef437e9a9e39a887ad51692ff0

Vulnerability Details

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.

Publish Date: 2012-06-29

URL: CVE-2012-2098

CVSS 2 Score Details (5.0)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://exchange.xforce.ibmcloud.com/vulnerabilities/75857

Fix Resolution:
- For Apache Commons Compress: Upgrade to the latest version of Apache Commons Compress (1.4.1 or later), available from the Apache Web site. See References.
- For Apache Ant: Upgrade to the latest version of Apache Ant (1.8.4 or later), available from the Apache Web site. See References.
- For IBM products: Refer to the appropriate IBM Security Bulletin for patch, upgrade, or suggested workaround information. See References.
- For other distributions: Apply the appropriate update for your system. See References.



stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.