{"id":"AZL-65181","summary":"CVE-2025-48924 affecting package apache-commons-lang3 for versions less than 3.8.1-6","details":"Uncontrolled Recursion vulnerability in Apache Commons Lang.\n\nThis issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0.\n\nThe methods ClassUtils.getClass(...) can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a \nStackOverflowError could cause an application to stop.\n\nUsers are recommended to upgrade to version 3.18.0, which fixes the issue.","modified":"2026-04-01T05:20:29.867052Z","published":"2025-07-11T15:15:24Z","upstream":["CVE-2025-48924"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-48924"}],"affected":[{"package":{"name":"apache-commons-lang3","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/apache-commons-lang3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.8.1-6"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65181.json"}}],"schema_version":"1.7.5"}