OSV-2024-269

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/apache-commons-configuration/OSV-2024-269.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-269
Published
2024-04-18T00:04:02.456948Z
Modified
2026-06-30T14:42:20.291338Z
Summary
Security exception in java.base/java.util.stream.AbstractPipeline.evaluate
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66703

Crash type: Security exception
Crash state:
java.base/java.util.stream.AbstractPipeline.evaluate
java.base/java.util.stream.ReferencePipeline.collect
org.apache.commons.configuration2.AbstractYAMLBasedConfiguration.parseCollection
References

Affected packages

OSS-Fuzz / apache-commons-configuration

Package

Name
apache-commons-configuration
Purl
pkg:generic/apache-commons-configuration

Affected ranges

Type
GIT
Repo
https://gitbox.apache.org/repos/asf/commons-configuration.git
Events
Introduced
4117b2050ab011f131d5a81c824bf89ddde303d4

Affected versions

commons-configuration-2.*
commons-configuration-2.10.0-RC1
commons-configuration-2.10.1-RC1
commons-configuration-2.11.0-RC1
commons-configuration-2.11.1-RC1
commons-configuration-2.12.0
commons-configuration-2.12.0-RC1
commons-configuration-2.13.0-RC1
commons-configuration-2.14.0-RC1
commons-configuration-2.15.0-RC2
commons-configuration-2.15.1-RC1
commons-configuration-2.15.1-RC2
commons-configuration-2.9.0-RC1
rel/commons-configuration-2.*
rel/commons-configuration-2.10.0
rel/commons-configuration-2.10.1
rel/commons-configuration-2.11.0
rel/commons-configuration-2.12.0
rel/commons-configuration-2.13.0
rel/commons-configuration-2.14.0
rel/commons-configuration-2.15.0
rel/commons-configuration-2.15.1
rel/commons-configuration-2.9.0

Ecosystem specific

{
    "severity": "LOW"
}

Database specific

source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/apache-commons-configuration/OSV-2024-269.yaml"