CVE-2021-35517
Published at:
-
13-07-2021 10:15
Last modified:
-
12-09-2022 03:51
Total changes:
-
18
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Network
Attack vector
High
Availability
None
Confidentiality
None
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
7.5
Base score
3.9
3.6
Exploitability score
Impact score
Verification logic
Reference
- https://commons.apache.org/proper/commons-compress/security-reports.html
- https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E
- [oss-security] 20210713 CVE-2021-35517: Apache Commons Compress 1.1 to 1.20 denial of service vulnerability-Mailing List, Third Party Advisory
- [announce] 20210713 CVE-2021-35517: Apache Commons Compress 1.1 to 1.20 denial of service vulnerability-Mailing List, Vendor Advisory
- [ant-user] 20210713 CVE-2021-36373: Apache Ant TAR archive denial of service vulnerability-Mailing List, Not Applicable, Vendor Advisory
- [announce] 20210713 CVE-2021-36373: Apache Ant TAR archive denial of service vulnerability-Mailing List, Not Applicable, Vendor Advisory
- [oss-security] 20210713 CVE-2021-36373: Apache Ant TAR archive denial of service vulnerability-Mailing List, Third Party Advisory
- [pulsar-commits] 20210716 [GitHub] [pulsar] lhotari opened a new pull request #11345: [Security] Upgrade commons-compress to 1.21-Mailing List, Patch, Vendor Advisory
- [skywalking-notifications] 20210802 [GitHub] [skywalking] wu-sheng opened a new pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Patch, Vendor Advisory
- [skywalking-notifications] 20210802 [skywalking] 01/01: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Patch, Vendor Advisory
- [skywalking-notifications] 20210803 [GitHub] [skywalking] codecov[bot] edited a comment on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Patch, Vendor Advisory
- [skywalking-notifications] 20210803 [GitHub] [skywalking] hanahmily merged pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Patch, Vendor Advisory
- [skywalking-notifications] 20210802 [GitHub] [skywalking] codecov[bot] edited a comment on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Patch, Vendor Advisory
- [skywalking-notifications] 20210803 [skywalking] branch master updated: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 (#7400)-Mailing List, Patch, Vendor Advisory
- [skywalking-notifications] 20210802 [GitHub] [skywalking] codecov[bot] commented on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Patch, Vendor Advisory
- [flink-issues] 20210908 [GitHub] [flink] MartijnVisser opened a new pull request #17194: [FLINK-24034] Upgrade commons-compress to 1.21 and other apache.commons updates-Mailing List, Patch, Vendor Advisory
- [poi-dev] 20210923 Re: [VOTE] Apache POI 5.1.0 release (RC1)-Mailing List, Vendor Advisory
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://security.netapp.com/advisory/ntap-20211022-0001/
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- N/A-
Keywords