org.apache.commons:commons-configuration2 vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-45205Mediumorg.apache.commons:commons-configuration2: Apache Commons Configuration: StackOverflowError for YAML input with cyclesCVE-2024-29131Mediumorg.apache.commons:commons-configuration2: Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()CVE-2024-29133Mediumorg.apache.commons:commons-configuration2: Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object treeCVE-2022-33980Criticalorg.apache.commons:commons-configuration2: Code injection in Apache Commons ConfigurationCVE-2020-1953Criticalorg.apache.commons:commons-configuration2: Remote code execution in Apache Commons Configuration

Stop the waste.
Protect your environment with Kodem.