{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49860?format=json","vulnerability_id":"VCID-4zzw-974t-cuc8","summary":"weixin4j has Improperly Controlled Sequential Memory Allocation\nImproperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j (weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules). This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java.\n\nThis issue affects all versions of weixin4j. A path is available:  [d1c8258](https://github.com/foxinmy/weixin4j/commit/4b7ad14df6567064b468b4c9cb7a8bfeff48c8bd)","aliases":[{"alias":"CVE-2026-24819"},{"alias":"GHSA-444m-px7r-qpvv"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73638?format=json","purl":"pkg:maven/com.foxinmy/weixin4j-base@1.10.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zzw-974t-cuc8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.foxinmy/weixin4j-base@1.10.2"}],"references":[{"reference_url":"https://github.com/foxinmy/weixin4j","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/foxinmy/weixin4j"},{"reference_url":"https://github.com/foxinmy/weixin4j/commit/d1c825835802cd3a0c04772be1220ff4476ea27c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/foxinmy/weixin4j/commit/d1c825835802cd3a0c04772be1220ff4476ea27c"},{"reference_url":"https://github.com/foxinmy/weixin4j/pull/229","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/foxinmy/weixin4j/pull/229"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24819","reference_id":"CVE-2026-24819","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24819"},{"reference_url":"https://github.com/advisories/GHSA-444m-px7r-qpvv","reference_id":"GHSA-444m-px7r-qpvv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-444m-px7r-qpvv"}],"weaknesses":[{"cwe_id":1325,"name":"Improperly Controlled Sequential Memory Allocation","description":"The product manages a group of objects or resources and performs a separate memory allocation for each object, but it does not properly limit the total amount of memory that is consumed by all of the combined objects."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zzw-974t-cuc8"}