Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.commons/commons-configuration2@2.10.1
purl pkg:maven/org.apache.commons/commons-configuration2@2.10.1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-7dw4-pssj-dqf8 Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree This Out-of-bounds Write vulnerability in Apache Commons Configuration affects Apache Commons Configuration: from 2.0 before 2.10.1. User can see this as a 'StackOverflowError' calling 'ListDelimiterHandler.flatten(Object, int)' with a cyclical object tree. Users are recommended to upgrade to version 2.10.1, which fixes the issue. CVE-2024-29133
GHSA-9w38-p64v-xpmv
VCID-y9pv-wgb6-mfa7 Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() This Out-of-bounds Write vulnerability in Apache Commons Configuration affects Apache Commons Configuration: from 2.0 before 2.10.1. User can see this as a 'StackOverflowError' when adding a property in 'AbstractListDelimiterHandler.flattenIterator()'. Users are recommended to upgrade to version 2.10.1, which fixes the issue. CVE-2024-29131
GHSA-xjp4-hw94-mvp5

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:54:19.805513+00:00 GitLab Importer Fixing VCID-y9pv-wgb6-mfa7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-configuration2/CVE-2024-29131.yml 38.4.0
2026-04-16T22:54:16.636790+00:00 GitLab Importer Fixing VCID-7dw4-pssj-dqf8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-configuration2/CVE-2024-29133.yml 38.4.0
2026-04-12T00:12:47.015509+00:00 GitLab Importer Fixing VCID-y9pv-wgb6-mfa7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-configuration2/CVE-2024-29131.yml 38.3.0
2026-04-12T00:12:43.681880+00:00 GitLab Importer Fixing VCID-7dw4-pssj-dqf8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-configuration2/CVE-2024-29133.yml 38.3.0
2026-04-03T00:19:05.649572+00:00 GitLab Importer Fixing VCID-y9pv-wgb6-mfa7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-configuration2/CVE-2024-29131.yml 38.1.0
2026-04-03T00:19:02.400472+00:00 GitLab Importer Fixing VCID-7dw4-pssj-dqf8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-configuration2/CVE-2024-29133.yml 38.1.0
2026-04-01T16:04:53.464353+00:00 GHSA Importer Fixing VCID-y9pv-wgb6-mfa7 https://github.com/advisories/GHSA-xjp4-hw94-mvp5 38.0.0
2026-04-01T16:04:53.432889+00:00 GHSA Importer Fixing VCID-7dw4-pssj-dqf8 https://github.com/advisories/GHSA-9w38-p64v-xpmv 38.0.0
2026-04-01T12:52:40.084415+00:00 GitLab Importer Fixing VCID-y9pv-wgb6-mfa7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-configuration2/CVE-2024-29131.yml 38.0.0
2026-04-01T12:52:40.026474+00:00 GitLab Importer Fixing VCID-7dw4-pssj-dqf8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-configuration2/CVE-2024-29133.yml 38.0.0
2026-04-01T12:50:54.297456+00:00 GithubOSV Importer Fixing VCID-y9pv-wgb6-mfa7 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/03/GHSA-xjp4-hw94-mvp5/GHSA-xjp4-hw94-mvp5.json 38.0.0
2026-04-01T12:50:51.468903+00:00 GithubOSV Importer Fixing VCID-7dw4-pssj-dqf8 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/03/GHSA-9w38-p64v-xpmv/GHSA-9w38-p64v-xpmv.json 38.0.0