VulnerableCode Package Details - pkg:maven/org.apache.ant/ant@1.10.10

Search for packages

Vulnerability	Summary	Fixed by
VCID-2a6z-dfqf-5ycb Aliases: CVE-2021-36373 GHSA-q5r4-cfpx-h6fh	Uncontrolled Resource Consumption When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant.	1.10.11 Affected by 0 other vulnerabilities.
VCID-6uzy-57uy-zkfw Aliases: CVE-2021-36374 GHSA-5v34-g2px-j4fw	Uncontrolled Resource Consumption When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files.	1.10.11 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-2a6z-dfqf-5ycb
Aliases:
CVE-2021-36373
GHSA-q5r4-cfpx-h6fh

Uncontrolled Resource Consumption When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant.

1.10.11
Affected by 0 other vulnerabilities.

VCID-6uzy-57uy-zkfw
Aliases:
CVE-2021-36374
GHSA-5v34-g2px-j4fw

Uncontrolled Resource Consumption When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files.

1.10.11
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-11T22:40:26.012150+00:00	GitLab Importer	Affected by	VCID-2a6z-dfqf-5ycb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36373.yml	38.3.0
2026-04-11T22:40:25.795143+00:00	GitLab Importer	Affected by	VCID-6uzy-57uy-zkfw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36374.yml	38.3.0
2026-04-02T22:50:55.840798+00:00	GitLab Importer	Affected by	VCID-2a6z-dfqf-5ycb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36373.yml	38.1.0
2026-04-02T22:50:55.637751+00:00	GitLab Importer	Affected by	VCID-6uzy-57uy-zkfw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36374.yml	38.1.0
2026-04-01T17:08:56.263619+00:00	GitLab Importer	Affected by	VCID-2a6z-dfqf-5ycb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36373.yml	38.0.0
2026-04-01T17:08:56.047224+00:00	GitLab Importer	Affected by	VCID-6uzy-57uy-zkfw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36374.yml	38.0.0