CVE-2021-36090
Published at:
-
13-07-2021 10:15
Last modified:
-
12-09-2022 03:51
Total changes:
-
17
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Network
Attack vector
High
Availability
None
Confidentiality
None
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
7.5
Base score
3.9
3.6
Exploitability score
Impact score
Verification logic
Reference
- https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E
- https://commons.apache.org/proper/commons-compress/security-reports.html
- [oss-security] 20210713 CVE-2021-36090: Apache Commons Compress 1.0 to 1.20 denial of service vulnerability-Mailing List, Third Party Advisory
- [announce] 20210713 CVE-2021-36090: Apache Commons Compress 1.0 to 1.20 denial of service vulnerability-Mailing List, Vendor Advisory
- [ant-user] 20210713 CVE-2021-36374: Apache Ant ZIP, and ZIP based, archive denial of service vulerability-Mailing List, Vendor Advisory
- [announce] 20210713 CVE-2021-36374: Apache Ant ZIP, and ZIP based, archive denial of service vulerability-Mailing List, Vendor Advisory
- [oss-security] 20210713 CVE-2021-36374: Apache Ant ZIP, and ZIP based, archive denial of service vulerability-Mailing List, Third Party Advisory
- [james-notifications] 20210714 [GitHub] [james-project] chibenwa opened a new pull request #537: [UPGRADE] Security upgrade: common-compress to 1.21-Mailing List, Patch, Vendor Advisory
- [pulsar-commits] 20210716 [GitHub] [pulsar] lhotari opened a new pull request #11345: [Security] Upgrade commons-compress to 1.21-Mailing List, Patch, Vendor Advisory
- [druid-commits] 20210726 [GitHub] [druid] suneet-s opened a new pull request #11496: Address CVE-2021-35515 CVE-2021-36090-Mailing List, Vendor Advisory
- [druid-commits] 20210726 [druid] branch master updated: Address CVE-2021-35515 CVE-2021-36090 (#11496)-Mailing List, Patch, Vendor Advisory
- [druid-commits] 20210726 [GitHub] [druid] suneet-s merged pull request #11496: Address CVE-2021-35515 CVE-2021-36090-Mailing List, Vendor Advisory
- [skywalking-notifications] 20210802 [GitHub] [skywalking] wu-sheng opened a new pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Vendor Advisory
- [skywalking-notifications] 20210802 [skywalking] 01/01: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Patch, Vendor Advisory
- [skywalking-notifications] 20210803 [GitHub] [skywalking] codecov[bot] edited a comment on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Vendor Advisory
- [skywalking-notifications] 20210803 [GitHub] [skywalking] hanahmily merged pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Vendor Advisory
- [skywalking-notifications] 20210802 [GitHub] [skywalking] codecov[bot] edited a comment on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Vendor Advisory
- [skywalking-notifications] 20210803 [skywalking] branch master updated: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 (#7400)-Mailing List, Patch, Vendor Advisory
- [skywalking-notifications] 20210802 [GitHub] [skywalking] codecov[bot] commented on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090-Mailing List, Vendor Advisory
- [drill-dev] 20210803 [jira] [Created] (DRILL-7981) Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090-Mailing List, Vendor Advisory
- [drill-issues] 20210803 [jira] [Created] (DRILL-7981) Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090-Mailing List, Vendor Advisory
- [drill-dev] 20210804 [GitHub] [drill] luocooong opened a new pull request #2285: Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090-Mailing List, Vendor Advisory
- [drill-dev] 20210804 [GitHub] [drill] luocooong merged pull request #2285: DRILL-7981: Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090-Mailing List, Vendor Advisory
- [drill-commits] 20210804 [drill] branch master updated: Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090-Mailing List, Patch, Vendor Advisory
- [drill-issues] 20210804 [jira] [Commented] (DRILL-7981) Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090-Mailing List, Vendor Advisory
- [drill-dev] 20210805 [GitHub] [drill] luocooong merged pull request #2285: DRILL-7981: Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090-Mailing List, Vendor Advisory
- [drill-issues] 20210805 [jira] [Commented] (DRILL-7981) Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090-Mailing List, Vendor Advisory
- [tomcat-dev] 20210811 [GitHub] [tomcat-jakartaee-migration] ebourg commented on issue #23: Vulnerability with Apache Commons Compress v1.20-Mailing List, Vendor Advisory
- [poi-dev] 20210923 Re: [VOTE] Apache POI 5.1.0 release (RC1)-Broken Link, Mailing List, Vendor Advisory
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://security.netapp.com/advisory/ntap-20211022-0001/
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- N/A-
Keywords