Spring Boot. Vulnerability CVE-2025-48924 in 3.3.0-RELEASE #263
aurelio-wi started this conversation in General
Replies: 0 comments
Hi,
I'm implementing com.github.sonus21:rqueue-spring-boot-starter:3.3.0-RELEASE with Spring Boot 3.4.5. I read about this vulnerability, CVE-2025-48924, in the Maven Repository: https://mvnrepository.com/artifact/com.github.sonus21/rqueue-spring-boot-starter/3.3.0-RELEASE. See below.
It states that the issue is fixed in version 3.18.0, which doesn't exist in the Maven Repository or Central. Please help.
_
Published: 2025-07-11
Updated: 2025-07-11
Title: Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass(...) Can Throw A StackOverflowError On Very Long Inputs
Description
Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(...) can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a StackOverflowError could cause an application to stop. Users are recommended to upgrade to version 3.18.0, which fixes the issue.
_
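Added example, not part of the original post or of the rqueue project: the version ranges in the quoted advisory are given for the Apache Commons Lang coordinates (`commons-lang:commons-lang` and `org.apache.commons:commons-lang3`), so the check below looks for those coordinates in a build's dependency report and compares the resolved version against the stated ranges. It assumes Gradle-style `dependencies` tree output; the sample report and the `com.example:queue-starter` coordinate are constructed.

```python
import re

# Affected ranges exactly as the quoted advisory states them (inclusive flag last).
AFFECTED = {
    "commons-lang:commons-lang": ((2, 0, 0), (2, 6, 0), True),          # 2.0 to 2.6
    "org.apache.commons:commons-lang3": ((3, 0, 0), (3, 18, 0), False),  # 3.0 before 3.18.0
}

# One dependency-tree node: group:artifact[:requested][ -> resolved]
NODE = re.compile(r"([\w.\-]+:[\w.\-]+)(?::([\w.\-]+))?(?:\s+->\s+([\w.\-]+))?")

def parse_version(text):
    """'3.17.0' -> (3, 17, 0); '2.6' -> (2, 6, 0); '3.3.0-RELEASE' -> (3, 3, 0)."""
    nums = []
    for part in re.split(r"[.\-]", text):
        if not part.isdigit():
            break  # stop at qualifiers such as RELEASE or SNAPSHOT
        nums.append(int(part))
    return tuple(nums + [0] * (3 - len(nums)))

def is_affected(coordinate, version):
    """True only for a Commons Lang coordinate whose version is in its advisory range."""
    if coordinate not in AFFECTED:
        return False
    low, high, inclusive = AFFECTED[coordinate]
    v = parse_version(version)
    return low <= v <= high if inclusive else low <= v < high

def find_affected(report):
    """Return sorted (coordinate, resolved version) pairs that fall in an affected range."""
    hits = set()
    for line in report.splitlines():
        m = NODE.search(line)
        if not m:
            continue
        coordinate, requested, resolved = m.groups()
        version = resolved or requested  # the version after '->' is what ships
        if version and is_affected(coordinate, version):
            hits.add((coordinate, version))
    return sorted(hits)

# Constructed sample report (not taken from a real build).
SAMPLE_REPORT = r"""
runtimeClasspath
+--- com.example:queue-starter:1.0.0
|    +--- org.apache.commons:commons-lang3:3.12.0 -> 3.17.0
|    \--- commons-lang:commons-lang:2.6
\--- org.apache.commons:commons-lang3 -> 3.17.0
"""
```

Feed it the text of a real dependency report in place of `SAMPLE_REPORT`; an empty result means no Commons Lang version inside the advisory's ranges was resolved.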