The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2022-06-27T21:40:10
Updated: 2024-08-03T08:09:22.671Z
Reserved: 2022-06-16T00:00:00
Link: CVE-2022-33879
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-06-27T22:15:09.377
Modified: 2022-10-28T13:53:14.787
Link: CVE-2022-33879
Redhat
No data.