diff --git a/src/site/xdoc/security.xml b/src/site/xdoc/security.xml index 4e3de64ec82..09092c38ca7 100644 --- a/src/site/xdoc/security.xml +++ b/src/site/xdoc/security.xml @@ -31,6 +31,26 @@ of the Commons project.
+Commons Compress may be used to process untrusted input data. + This should not trigger network access, unbounded deserialization + or code execution. It may require processing power proportional to + the size of the input. An input causing an OutOfMemoryError, + StackOverflowError, or another Error may be accepted as a DoS + vulnerability when it is unexpected based on the size of the input + and the resources (RAM, disk, etc) allocated to the process.
+ +Input causing any other RuntimeException is expected and not a + vulnerability, but may be a regular bug when a more appropriate + Exception is available.
+ +Regular API parameters are typically designed to work with input + that is either trusted or validated/sanitized by the application + using the library unless otherwise specified, in accordance with + the general + Apache Commons Security Model.
+This page lists all security vulnerabilities fixed in released versions of Apache Commons Compress. Each
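Review bot: In the first added paragraph, "processing power proportional to the size of the input" and "unexpected based on the size of the input" are ambiguous for a compression library, where work and memory are more naturally proportional to the decompressed (output) size than to the compressed bytes read; since the same sentence is what decides whether an OutOfMemoryError or StackOverflowError counts as a DoS vulnerability, the text should state which size is meant (for example "the size of the input and of the data it expands to") so that reports can be triaged consistently. Minor style: "(RAM, disk, etc)" should read "(RAM, disk, etc.)".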