CVE-2021-36373

{"id": "CVE-2021-36373", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2021-07-14T07:15:08.237", "references": [{"url": "https://ant.apache.org/security.html", "tags": ["Patch", "Vendor Advisory"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r27919fd4db07c487239c1d9771f480d89ce5ee2750aa9447309b709a%40%3Ccommits.groovy.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r544c9e8487431768465b8b2d13982c75123109bd816acf839d46010d%40%3Ccommits.groovy.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r54afdab05e01de970649c2d91a993f68a6b00cd73e6e34e16c832d46%40%3Cuser.ant.apache.org%3E", "tags": ["Mailing List", "Vendor Advisory"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/rad36f470647c5a7c02dd78c9973356d2840766d132b597b6444e373a%40%3Cnotifications.groovy.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/rf4bb79751a02889623195715925e4fd8932dd3c97e0ade91395a96c6%40%3Cdev.myfaces.apache.org%3E", "source": "security@apache.org"}, {"url": "https://security.netapp.com/advisory/ntap-20210819-0007/", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Not Applicable"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@apache.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-130"}]}], "descriptions": [{"lang": "en", "value": "When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected."}, {"lang": "es", "value": "Cuando se lee un archivo TAR especialmente dise\u00f1ado, se puede hacer que una compilaci\u00f3n de Apache Ant asigne grandes cantidades de memoria que finalmente conlleva a un error de falta de memoria, incluso para entradas peque\u00f1as. Esto puede ser usado para interrumpir las compilaciones usando Apache Ant. Apache Ant versiones anteriores a 1.9.16 y 1.10.11 estaban afectados"}], "lastModified": "2023-11-07T03:36:45.367", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:ant:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C89ED6A3-3C13-4D67-A2B2-BF2A9FF9E03B", "versionEndExcluding": "1.9.16", "versionStartIncluding": "1.9.0"}, {"criteria": "cpe:2.3:a:apache:ant:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87EE8429-8072-48A8-B406-3A8487A350B6", "versionEndExcluding": "1.10.11", "versionStartIncluding": "1.10.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C650FEDB-E903-4C2D-AD40-282AB5F2E3C2"}, {"criteria": "cpe:2.3:a:oracle:banking_trade_finance:14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64750C01-21AC-4947-B674-6690EAAAC5DB"}, {"criteria": "cpe:2.3:a:oracle:banking_treasury_management:14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C3D0063-9458-4018-9B92-79A219716C10"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4CA84D6-F312-4C29-A02B-050FCB7A902B"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10323322-F6C0-4EA7-9344-736F7A80AA5F"}, {"criteria": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21CC9E01-616E-411B-B0C7-DE6E599D3319"}, {"criteria": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F015E20-7886-4713-B4EC-FE7894066D09"}, {"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05AD47CC-8A6D-4AEC-B23E-701D3D649CC6"}, {"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "539DA24F-E3E0-4455-84C6-A9D96CD601B3"}, {"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7637F8B-15F1-42E2-BE18-E1FF7C66587D"}, {"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E43D793A-7756-4D58-A8ED-72DC4EC9CEA7"}, {"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EBC7EB1-FD72-4BFC-92CC-7C8B8E462D7C"}, {"criteria": "cpe:2.3:a:oracle:enterprise_repository:11.1.1.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69300B13-8C0F-4433-A6E8-B2CE32C4723D"}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F73C3A-A5C1-46F5-91E4-22F97A79E703", "versionEndIncluding": "8.1.1", "versionStartIncluding": "8.0.6"}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E883986-13DA-470F-95C4-BEBD0EDFEB9C", "versionEndIncluding": "11.3.1", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48", "versionEndIncluding": "17.12.11", "versionStartIncluding": "17.12.0"}, {"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "301E7158-9090-467C-B3B4-30A8DB3B395D", "versionEndIncluding": "18.8.12", "versionStartIncluding": "18.8.0"}, {"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBEFACB1-C8EA-492B-8F85-A564DB363C83", "versionEndIncluding": "19.12.11", "versionStartIncluding": "19.12.0"}, {"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6B70E72-B9FC-4E49-8EDD-29C7E14F5792", "versionEndIncluding": "20.12.7", "versionStartIncluding": "20.12.0"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", "versionEndIncluding": "17.12", "versionStartIncluding": "17.7"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06"}, {"criteria": "cpe:2.3:a:oracle:real-time_decision_server:3.2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C914A8CA-352B-4B02-8A2F-D5A6EC04AF53"}, {"criteria": "cpe:2.3:a:oracle:real-time_decision_server:11.1.1.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DBAC91D-14AA-4FEA-BBDA-C09CB5B3B831"}, {"criteria": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56239DBD-E294-44A4-9DD3-CEEC58C1BC0C"}, {"criteria": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "517E0654-F1DE-43C4-90B5-FB90CA31734B"}, {"criteria": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:16.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43DA1635-08DA-434D-AA39-20D117468B5A"}, {"criteria": "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31C7EEA3-AA72-48DA-A112-2923DBB37773"}, {"criteria": "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0735989-13BD-40B3-B954-AC0529C5B53D"}, {"criteria": "cpe:2.3:a:oracle:retail_bulk_data_integration:16.0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "360B307A-3D7F-4B38-8248-76CF8318B023"}, {"criteria": "cpe:2.3:a:oracle:retail_bulk_data_integration:19.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C401E65A-8FA0-44E6-9AFC-6CC06498122F"}, {"criteria": "cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83B5F416-56AE-4DC5-BCFF-49702463E716"}, {"criteria": "cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58405263-E84C-4071-BB23-165D49034A00"}, {"criteria": "cpe:2.3:a:oracle:retail_eftlink:19.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2140357-503A-4D2A-A099-CFA4DC649E41"}, {"criteria": "cpe:2.3:a:oracle:retail_eftlink:20.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BAE5686-8E11-4EF1-BC7E-5C565F2440C7"}, {"criteria": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31FFE404-027E-4B59-B3EF-BD20E1F7EECC"}, {"criteria": "cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "798E4FEE-9B2B-436E-A2B3-B8AA1079892A"}, {"criteria": "cpe:2.3:a:oracle:retail_financial_integration:15.0.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F09182F-D0F2-41A7-A4AB-79099194B2CB"}, {"criteria": "cpe:2.3:a:oracle:retail_financial_integration:16.0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44AA1B51-8A24-48F0-B16F-803D69698707"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CFCE558-9972-46A2-8539-C16044F1BAA9"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "919DED83-2F88-4202-9556-5F4E5E1E6790"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:16.0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A29C39DD-971B-4A3F-BA08-91C8CC9B4A32"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:19.0.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97DD0665-C420-4F6F-AD1F-07674B13614E"}, {"criteria": "cpe:2.3:a:oracle:retail_invoice_matching:16.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48E25E7C-F7E8-4739-8251-00ACD11C12FE"}, {"criteria": "cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE1BC44A-F0AF-41CD-9CEB-B07AB5ADAB38"}, {"criteria": "cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "237968A4-AE89-44DC-8BA3-D9651F88883D"}, {"criteria": "cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E13DF2AE-F315-4085-9172-6C8B21AF1C9E"}, {"criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B1A4F12-3E64-41CF-B2B3-B6AB734B69E0"}, {"criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24A3C819-5151-4543-A5C6-998C9387C8A2"}, {"criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "924AFE2D-D1BB-4026-9C12-BA379F8C5BEA"}, {"criteria": "cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E702EBED-DB39-4084-84B1-258BC5FE7545"}, {"criteria": "cpe:2.3:a:oracle:retail_service_backbone:15.0.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1581DEE7-48C3-4832-B616-A25D9DD3E898"}, {"criteria": "cpe:2.3:a:oracle:retail_service_backbone:16.0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77326E29-0F3C-4BF1-905F-FF89EB9A897A"}, {"criteria": "cpe:2.3:a:oracle:retail_service_backbone:19.0.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D57F5CB-E566-450F-B7D7-DD771F7C746C"}, {"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1933509-1BEA-45DA-B6AF-2713B432B1F5"}, {"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DA1BF68-635B-4577-B3F7-DEBC39567C8F"}, {"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:16.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B202AEF-1197-441B-8EA1-2913BFD8A545"}, {"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "490B2C44-CECD-4551-B04F-4076D0E053C7"}, {"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6"}, {"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48EFC111-B01B-4C34-87E4-D6B2C40C0122"}, {"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "073FEA23-E46A-4C73-9D29-95CFF4F5A59D"}, {"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A69FB468-EAF3-4E67-95E7-DF92C281C1F1"}, {"criteria": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "513AE97F-161C-43D2-B2D1-653125A9E920", "versionEndExcluding": "11.2.2.8.27"}, {"criteria": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51309958-121D-4649-AB9A-EBFA3A49F7CB", "versionEndIncluding": "4.3.0.6.0", "versionStartIncluding": "4.3.0.1.0"}, {"criteria": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5435B365-BFF3-4A9E-B45C-42D8F1E20FB7"}, {"criteria": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FAC3840-2CF8-44CE-81BB-EEEBDA00A34A"}, {"criteria": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F906F04-39E4-4BE4-8A73-9D058AAADB43"}, {"criteria": "cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B393A82-476A-4270-A903-38ED4169E431"}, {"criteria": "cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85CAE52B-C2CA-4C6B-A0B7-2B9D6F0499E2"}, {"criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3ED272C-A545-4F8C-86C0-2736B3F2DCAF"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}