When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files. Apache Ant prior to 1.9.16 and 1.10.11 were affected.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
79
Affected Products
22
References
apache / ant
| - |
| oracle | agile_plm | - | - |
| oracle | banking_trade_finance | - | - |
| oracle | banking_treasury_management | - | - |
| oracle | communications_cloud_native_core_automated_test_suite | - | - |
| oracle | communications_cloud_native_core_binding_support_function | - | - |
| oracle | communications_diameter_intelligence_hub | 8.0.0 - 8.1.0 | - |
| oracle | communications_diameter_intelligence_hub | 8.2.0 - 8.2.3 | - |
| oracle | communications_order_and_service_management | - | - |
| oracle | communications_order_and_service_management | - | - |
| oracle | communications_unified_inventory_management | - | - |
| oracle | communications_unified_inventory_management | - | - |
| oracle | communications_unified_inventory_management | - | - |
| oracle | communications_unified_inventory_management | - | - |
| oracle | communications_unified_inventory_management | - | - |
| oracle | enterprise_repository | - | - |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.6 - 8.1.1 | - |
| oracle | health_sciences_information_manager | 3.0.1 - 3.0.5 | - |
| oracle | health_sciences_information_manager | - | - |
| oracle | insurance_policy_administration | 11.0 - 11.3.1 | - |
| oracle | primavera_gateway | 17.12.0 - 17.12.11 | - |
| oracle | primavera_gateway | 18.8.0 - 18.8.12 | - |
| oracle | primavera_gateway | 19.12.0 - 19.12.11 | - |
| oracle | primavera_gateway | 20.12.0 - 20.12.7 | - |
| oracle | primavera_unifier | 17.7 - 17.12 | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | product_lifecycle_analytics | - | - |
| oracle | real-time_decision_server | - | - |
| oracle | real-time_decision_server | - | - |
| oracle | retail_advanced_inventory_planning | - | - |
| oracle | retail_advanced_inventory_planning | - | - |
| oracle | retail_advanced_inventory_planning | - | - |
| oracle | retail_back_office | - | - |
| oracle | retail_back_office | - | - |
| oracle | retail_bulk_data_integration | - | - |
| oracle | retail_bulk_data_integration | - | - |
| oracle | retail_central_office | - | - |
| oracle | retail_central_office | - | - |
| oracle | retail_eftlink | - | - |
| oracle | retail_eftlink | - | - |
| oracle | retail_extract_transform_and_load | - | - |
| oracle | retail_financial_integration | - | - |
| oracle | retail_financial_integration | - | - |
| oracle | retail_financial_integration | - | - |
| oracle | retail_integration_bus | - | - |
| oracle | retail_integration_bus | - | - |
| oracle | retail_integration_bus | - | - |
| oracle | retail_integration_bus | - | - |
| oracle | retail_invoice_matching | - | - |
| oracle | retail_merchandising_system | - | - |
| oracle | retail_point-of-service | - | - |
| oracle | retail_point-of-service | - | - |
| oracle | retail_predictive_application_server | - | - |
| oracle | retail_predictive_application_server | - | - |
| oracle | retail_predictive_application_server | - | - |
| oracle | retail_service_backbone | - | - |
| oracle | retail_service_backbone | - | - |
| oracle | retail_service_backbone | - | - |
| oracle | retail_service_backbone | - | - |
| oracle | retail_store_inventory_management | - | - |
| oracle | retail_store_inventory_management | - | - |
| oracle | retail_store_inventory_management | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | timesten_in-memory_database | 11.2.2.8.27 | - |
| oracle | utilities_framework | 4.3.0.1.0 - 4.3.0.6.0 | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_testing_accelerator | - | - |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability
Impact