Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.commons/commons-compress@1.26.0
purl pkg:maven/org.apache.commons/commons-compress@1.26.0
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-cg72-sg2w-t3ft Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue. CVE-2024-26308
GHSA-4265-ccf5-phj5
VCID-p41w-msyv-u7bk Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710
GHSA-4g9r-vxhx-9pgx

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:51:10.467682+00:00 GitLab Importer Fixing VCID-cg72-sg2w-t3ft https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-compress/CVE-2024-26308.yml 38.4.0
2026-04-16T22:51:10.248769+00:00 GitLab Importer Fixing VCID-p41w-msyv-u7bk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-compress/CVE-2024-25710.yml 38.4.0
2026-04-12T00:10:22.470992+00:00 GitLab Importer Fixing VCID-cg72-sg2w-t3ft https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-compress/CVE-2024-26308.yml 38.3.0
2026-04-12T00:10:22.285639+00:00 GitLab Importer Fixing VCID-p41w-msyv-u7bk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-compress/CVE-2024-25710.yml 38.3.0
2026-04-03T00:15:44.584242+00:00 GitLab Importer Fixing VCID-cg72-sg2w-t3ft https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-compress/CVE-2024-26308.yml 38.1.0
2026-04-03T00:15:44.364112+00:00 GitLab Importer Fixing VCID-p41w-msyv-u7bk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-compress/CVE-2024-25710.yml 38.1.0
2026-04-01T16:04:35.084284+00:00 GHSA Importer Fixing VCID-cg72-sg2w-t3ft https://github.com/advisories/GHSA-4265-ccf5-phj5 38.0.0
2026-04-01T16:04:35.058536+00:00 GHSA Importer Fixing VCID-p41w-msyv-u7bk https://github.com/advisories/GHSA-4g9r-vxhx-9pgx 38.0.0
2026-04-01T12:52:31.577500+00:00 GitLab Importer Fixing VCID-cg72-sg2w-t3ft https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-compress/CVE-2024-26308.yml 38.0.0
2026-04-01T12:52:31.544913+00:00 GitLab Importer Fixing VCID-p41w-msyv-u7bk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-compress/CVE-2024-25710.yml 38.0.0
2026-04-01T12:50:30.508450+00:00 GithubOSV Importer Fixing VCID-p41w-msyv-u7bk https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-4g9r-vxhx-9pgx/GHSA-4g9r-vxhx-9pgx.json 38.0.0
2026-04-01T12:50:27.185310+00:00 GithubOSV Importer Fixing VCID-cg72-sg2w-t3ft https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-4265-ccf5-phj5/GHSA-4265-ccf5-phj5.json 38.0.0