[GHSA-j288-q9x7-2f5v] Apache Commons Lang is vulnerable to Uncontrolled Recursion when processing long inputs

advisories/github-reviewed/2025/07/GHSA-j288-q9x7-2f5v/GHSA-j288-q9x7-2f5v.json

@@ -1,19 +1,14 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j288-q9x7-2f5v",
-  "modified": "2025-11-05T20:30:31Z",
+  "modified": "2025-11-05T20:30:33Z",
   "published": "2025-07-11T15:31:37Z",
   "aliases": [
     "CVE-2025-48924"
   ],
   "summary": "Apache Commons Lang is vulnerable to Uncontrolled Recursion when processing long inputs",
   "details": "Uncontrolled Recursion vulnerability in Apache Commons Lang.\n\nThis issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0.\n\nThe methods ClassUtils.getClass(...) can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a StackOverflowError could cause an application to stop.\n\nUsers are recommended to upgrade to version 3.18.0, which fixes the issue.",
-  "severity": [
-    {
-      "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
-    }
-  ],
+  "severity": [],
   "affected": [
     {
       "package": {
@@ -96,7 +91,7 @@
     "cwe_ids": [
       "CWE-674"
     ],
-    "severity": "MODERATE",
+    "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2025-07-12T00:48:03Z",
     "nvd_published_at": "2025-07-11T15:15:24Z"