vʌvr (formerly called Javaslang) is a non-commercial, non-profit object-functional library that runs with Java 8+. It aims to reduce the lines of code and increase code quality.
A denial of service vulnerability in vavr was discovered by CIFuzz. A bug in method CharSeq.repeat(char, int) means that an input of modest size can lead to indefinite amounts of memory being used. Can recurrent it like follows code.
Summary
A denial of service vulnerability in vavr was discovered by CIFuzz. A bug in method CharSeq.repeat(char, int) means that an input of modest size can lead to indefinite amounts of memory being used. Can recurrent it like follows code.
POC
pom
code
Attack