First published: Tue Jul 13 2021(Updated: )
A flaw was found in apache-commons-compress. When reading a specially crafted ZIP archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This flaw allows the mounting of a denial of service attack against services that use Compress' zip package. The highest threat from this vulnerability is to system availability.
Credit: security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/apache-commons-compress | <0:1.21-1.2.el8e | 0:1.21-1.2.el8e |
redhat/apache-commons-compress | <1.21 | 1.21 |
Apache Commons Compress | >=1.0<1.21 | |
Oracle Banking Apis | >=18.1<=18.3 | |
Oracle Banking Apis | =19.1 | |
Oracle Banking Apis | =19.2 | |
Oracle Banking Apis | =20.1 | |
Oracle Banking Apis | =21.1 | |
Oracle Banking Digital Experience | >=18.1<=18.3 | |
Oracle Banking Digital Experience | =19.1 | |
Oracle Banking Digital Experience | =19.2 | |
Oracle Banking Digital Experience | =20.1 | |
Oracle Banking Digital Experience | =21.1 | |
Oracle Banking Enterprise Default Management | =2.7.0 | |
Oracle Banking Party Management | =2.7.0 | |
Oracle Banking Payments | =14.5 | |
Oracle Banking Platform | =2.6.2 | |
Oracle Banking Platform | =2.7.1 | |
Oracle Banking Platform | =2.9.0 | |
Oracle Banking Platform | =2.12.0 | |
Oracle Banking Trade Finance | =14.5 | |
Oracle Banking Treasury Management | =14.5 | |
Oracle Business Process Management Suite | =12.2.1.3.0 | |
Oracle Business Process Management Suite | =12.2.1.4.0 | |
Oracle Commerce Guided Search | =11.3.2 | |
Oracle Communications Billing and Revenue Management | =12.0.0.4 | |
Oracle Communications Cloud Native Core Automated Test Suite | =1.8.0 | |
Oracle Communications Cloud Native Core Service Communication Proxy | =1.14.0 | |
Oracle Communications Cloud Native Core Unified Data Repository | =1.14.0 | |
Oracle Communications Diameter Intelligence Hub | >=8.0.0<=8.2.3 | |
Oracle Communications Diameter Intelligence Hub | =8.2.3 | |
Oracle Communications Element Manager | >=8.2.0<=8.2.4.0 | |
Oracle Communications Session Report Manager | >=8.2.0<=8.2.5.0 | |
Oracle Communications Session Route Manager | >=8.0.0<=8.2.5.0 | |
Oracle Communications Unified Inventory Management | =7.4.0 | |
Oracle Communications Unified Inventory Management | =7.4.1 | |
Oracle Communications Unified Inventory Management | =7.4.2 | |
Oracle Communications Unified Inventory Management | =7.5.0 | |
Oracle Financial Services Analytical Applications Infrastructure | >=8.0.6<=8.1.1 | |
Oracle Financial Services Crime And Compliance Management Studio | =8.0.8.2.0 | |
Oracle Financial Services Crime And Compliance Management Studio | =8.0.8.3.0 | |
Oracle Financial Services Enterprise Case Management | ||
Oracle Financial Services Enterprise Case Management | =8.0.7.2.0 | |
Oracle Financial Services Enterprise Case Management | =8.0.8.1.0 | |
Oracle FLEXCUBE Universal Banking | >=14.0.0<=14.3.0 | |
Oracle FLEXCUBE Universal Banking | =12.4 | |
Oracle FLEXCUBE Universal Banking | =14.5 | |
Oracle Healthcare Data Repository | =8.1.0 | |
Oracle Insurance Policy Administration | =11.0.2 | |
Oracle Insurance Policy Administration | =11.1.0 | |
Oracle Insurance Policy Administration | =11.2.8 | |
Oracle Insurance Policy Administration | =11.3.0 | |
Oracle Insurance Policy Administration | =11.3.1 | |
Oracle PeopleSoft Enterprise PeopleTools | =8.57 | |
Oracle PeopleSoft Enterprise PeopleTools | =8.58 | |
Oracle PeopleSoft Enterprise PeopleTools | =8.59 | |
Oracle Primavera Gateway | >=17.12.0<=17.12.11 | |
Oracle Primavera Gateway | >=18.8.0<=18.8.12 | |
Oracle Primavera Gateway | >=19.12.0<=19.12.11 | |
Oracle Primavera Gateway | >=20.12.0<=20.12.7 | |
Oracle Primavera Unifier | >=17.7<=17.12 | |
Oracle Primavera Unifier | =18.8 | |
Oracle Primavera Unifier | =19.12 | |
Oracle Primavera Unifier | =20.12 | |
Oracle Utilities Testing Accelerator | =6.0.0.1.1 | |
Oracle Utilities Testing Accelerator | =6.0.0.2.2 | |
Oracle Utilities Testing Accelerator | =6.0.0.3.1 | |
Oracle WebCenter Portal | =12.2.1.3.0 | |
Oracle WebCenter Portal | =12.2.1.4.0 | |
Oracle Communications Messaging Server | =8.1 | |
Netapp Active Iq Unified Manager Linux | ||
Netapp Active Iq Unified Manager Vmware Vsphere | ||
Netapp Active Iq Unified Manager Windows | ||
NetApp OnCommand Insight | ||
<=V2.3.0 - V2.3.3.3 Interim Fix 1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.