org.apache.ant:ant@1.10.9 vulnerabilities

latest version

1.10.14
latest non vulnerable version

1.10.14
first published

17 years ago
latest version published

9 months ago
licenses detected
- Apache-2.0
  [0,)
package manager

View on Maven Repository

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.apache.ant:ant package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
L Denial of Service (DoS) org.apache.ant:ant is a software tool for automating software build processes which originated from the Apache Tomcat project in early 2000. Affected versions of this package are vulnerable to Denial of Service (DoS). When reading a specially crafted ZIP archive, or a derived format, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats of ZIP archives include JAR files. How to fix Denial of Service (DoS)? Upgrade `org.apache.ant:ant` to version 1.9.16, 1.10.11 or higher.	[,1.9.16) [1.10.0,1.10.11)
L Denial of Service (DoS) org.apache.ant:ant is a software tool for automating software build processes which originated from the Apache Tomcat project in early 2000. Affected versions of this package are vulnerable to Denial of Service (DoS). When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. How to fix Denial of Service (DoS)? Upgrade `org.apache.ant:ant` to version 1.9.16, 1.10.11 or higher.	[1.9.0,1.9.16) [1.10.0,1.10.11)

Denial of Service (DoS)

org.apache.ant:ant is a software tool for automating software build processes which originated from the Apache Tomcat project in early 2000.

Affected versions of this package are vulnerable to Denial of Service (DoS). When reading a specially crafted ZIP archive, or a derived format, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats of ZIP archives include JAR files.

How to fix Denial of Service (DoS)?

Upgrade org.apache.ant:ant to version 1.9.16, 1.10.11 or higher.

[,1.9.16) [1.10.0,1.10.11)

Denial of Service (DoS)

org.apache.ant:ant is a software tool for automating software build processes which originated from the Apache Tomcat project in early 2000.

Affected versions of this package are vulnerable to Denial of Service (DoS). When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs.

How to fix Denial of Service (DoS)?

Upgrade org.apache.ant:ant to version 1.9.16, 1.10.11 or higher.

[1.9.0,1.9.16) [1.10.0,1.10.11)

Go back to all versions of this package

org.apache.ant:ant@1.10.9 vulnerabilities

latest version

latest non vulnerable version

first published

latest version published

licenses detected

package manager

Direct Vulnerabilities