CVE-2018-1324
First published: Fri Mar 16 2018(Updated: )
A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package.
Credit: security@apache.org security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Commons Compress | >=1.11<=1.15 | |
| Oracle MySQL Cluster | <=7.4.34 | |
| Oracle MySQL Cluster | >=7.5.0<=7.5.24 | |
| Oracle MySQL Cluster | >=7.6.0<=7.6.20 | |
| Oracle MySQL Cluster | >=8.0.0<=8.0.27 | |
| Oracle WebLogic Server | =14.1.1.0.0 | |
| maven/io.takari:commons-compress | =1.12 | |
| maven/com.liferay:com.liferay.portal.tools.bundle.support | >=3.2.7<3.7.4 | 3.7.4 |
| maven/org.apache.commons:commons-compress | >=1.11<1.16 | 1.16 |
| >=1.11<=1.15 | ||
| <=7.4.34 | ||
| >=7.5.0<=7.5.24 | ||
| >=7.6.0<=7.6.20 | ||
| >=8.0.0<=8.0.27 | ||
| =14.1.1.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/103490
- http://www.securitytracker.com/id/1040549
- https://lists.apache.org/thread.html/1c7b6df6d1c5c8583518a0afa017782924918e4d6acfaf23ed5b2089@%3Cdev.commons.apache.org%3E
- https://lists.apache.org/thread.html/b8ef29df0f1d55aa741170748352ae8e425c7b1d286b2f257711a2dd@%3Cdev.creadur.apache.org%3E
- https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E
- https://lists.apache.org/thread.html/r5532dc8d5456b5151e8c286801e2e5769f5c04118b29c3b5d13ea387@%3Cissues.beam.apache.org%3E
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://nvd.nist.gov/vuln/detail/CVE-2018-1324
- https://github.com/advisories/GHSA-h436-432x-8fvx (Advisory)
- https://arxiv.org/pdf/2306.05534.pdf
- https://github.com/jensdietrich/xshady-release/tree/main/CVE-2018-1324
- https://lists.apache.org/thread.html/1c7b6df6d1c5c8583518a0afa017782924918e4d6acfaf23ed5b2089%40%3Cdev.commons.apache.org%3E
- https://lists.apache.org/thread.html/b8ef29df0f1d55aa741170748352ae8e425c7b1d286b2f257711a2dd%40%3Cdev.creadur.apache.org%3E
- https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
- https://lists.apache.org/thread.html/r5532dc8d5456b5151e8c286801e2e5769f5c04118b29c3b5d13ea387%40%3Cissues.beam.apache.org%3E
- https://github.com/apache/commons-compress/commit/2a2f1dc48e22a34ddb72321a4db211da91aa933b
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2018-1324.
What software is affected by this vulnerability?
Apache Commons Compress versions 1.11 to 1.15, Oracle MySQL Cluster versions 7.4.34 to 7.6.20, and Oracle WebLogic Server version 14.1.1.0.0 are affected by this vulnerability.
What is the severity of CVE-2018-1324?
The severity of CVE-2018-1324 is medium with a CVSS score of 5.5.
How can this vulnerability be exploited?
This vulnerability can be exploited by using a specially crafted ZIP archive to cause an infinite loop in the ZipFile and ZipArchiveInputStream classes of Apache Commons Compress.
Are there any fixes or patches available for this vulnerability?
It is recommended to update to a version of Apache Commons Compress, Oracle MySQL Cluster, or Oracle WebLogic Server that is not affected by this vulnerability.
- collector/nvd-index
- agent/author
- agent/type
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-h436-432x-8fvx
- alias/CVE-2018-1324
- agent/software-canonical-lookup
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/event
- collector/nvd-cve
- source/NVD
- collector/github-advisory
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/apache
- canonical/apache commons compress
- version/apache commons compress/1.11
- version/apache commons compress/1.15
- vendor/oracle
- canonical/oracle mysql cluster
- version/oracle mysql cluster/7.4.34
- version/oracle mysql cluster/7.5.0
- version/oracle mysql cluster/7.5.24
- version/oracle mysql cluster/7.6.0
- version/oracle mysql cluster/7.6.20
- version/oracle mysql cluster/8.0.0
- version/oracle mysql cluster/8.0.27
- canonical/oracle weblogic server
- version/oracle weblogic server/14.1.1.0.0
- package-manager/maven