GHSA-jr6h-r7vg-f9mc

Source

https://github.com/advisories/GHSA-jr6h-r7vg-f9mc

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/10/GHSA-jr6h-r7vg-f9mc/GHSA-jr6h-r7vg-f9mc.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-jr6h-r7vg-f9mc

Aliases

CVE-2022-41404

Published

2022-10-12T12:00:20Z

Modified

2025-06-09T19:09:40.118895Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

org.ini4j allows attackers to cause a Denial of Service (DoS)

Details

An issue in the fetch() method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

Database specific

{
    "nvd_published_at": "2022-10-11T23:15:00Z",
    "severity": "HIGH",
    "cwe_ids": [
        "CWE-400"
    ],
    "github_reviewed_at": "2022-10-18T17:07:30Z",
    "github_reviewed": true
}

References

Affected packages

Maven / org.ini4j:ini4j

Package

Name: org.ini4j:ini4j; View open source insights on deps.dev
Purl: pkg:maven/org.ini4j/ini4j

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

0.5.4

Affected versions

0.*

0.3.1

0.3.2

0.3.3

0.4.0

0.4.1

0.4.1.bad

0.5.0

0.5.1

0.5.2

0.5.4