VulnerableCode Package Details - pkg:maven/org.apache.ant/ant@1.10.11

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2a6z-dfqf-5ycb	Uncontrolled Resource Consumption When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant.	CVE-2021-36373 GHSA-q5r4-cfpx-h6fh
VCID-6uzy-57uy-zkfw	Uncontrolled Resource Consumption When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files.	CVE-2021-36374 GHSA-5v34-g2px-j4fw

Vulnerability

Summary

Aliases

VCID-2a6z-dfqf-5ycb

Uncontrolled Resource Consumption When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant.

CVE-2021-36373
GHSA-q5r4-cfpx-h6fh

VCID-6uzy-57uy-zkfw

Uncontrolled Resource Consumption When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files.

CVE-2021-36374
GHSA-5v34-g2px-j4fw

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-11T22:40:26.015916+00:00	GitLab Importer	Fixing	VCID-2a6z-dfqf-5ycb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36373.yml	38.3.0
2026-04-11T22:40:25.798632+00:00	GitLab Importer	Fixing	VCID-6uzy-57uy-zkfw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36374.yml	38.3.0
2026-04-02T22:50:55.844028+00:00	GitLab Importer	Fixing	VCID-2a6z-dfqf-5ycb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36373.yml	38.1.0
2026-04-02T22:50:55.641165+00:00	GitLab Importer	Fixing	VCID-6uzy-57uy-zkfw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36374.yml	38.1.0
2026-04-02T16:57:36.866055+00:00	GHSA Importer	Fixing	VCID-6uzy-57uy-zkfw	https://github.com/advisories/GHSA-5v34-g2px-j4fw	38.1.0
2026-04-02T16:57:36.830014+00:00	GHSA Importer	Fixing	VCID-2a6z-dfqf-5ycb	https://github.com/advisories/GHSA-q5r4-cfpx-h6fh	38.1.0
2026-04-01T13:01:33.900779+00:00	GithubOSV Importer	Fixing	VCID-2a6z-dfqf-5ycb	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-q5r4-cfpx-h6fh/GHSA-q5r4-cfpx-h6fh.json	38.0.0
2026-04-01T13:01:29.403566+00:00	GithubOSV Importer	Fixing	VCID-6uzy-57uy-zkfw	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-5v34-g2px-j4fw/GHSA-5v34-g2px-j4fw.json	38.0.0
2026-04-01T12:48:35.697424+00:00	GitLab Importer	Fixing	VCID-2a6z-dfqf-5ycb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36373.yml	38.0.0
2026-04-01T12:48:35.670717+00:00	GitLab Importer	Fixing	VCID-6uzy-57uy-zkfw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.ant/ant/CVE-2021-36374.yml	38.0.0