The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2022-06-27T21:40:10

Updated: 2024-08-03T08:09:22.671Z

Reserved: 2022-06-16T00:00:00

Link: CVE-2022-33879

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-06-27T22:15:09.377

Modified: 2022-10-28T13:53:14.787

Link: CVE-2022-33879

cve-icon Redhat

No data.