High severityNVD Advisory· Published Oct 11, 2022· Updated Jun 9, 2025
CVE-2022-41404
CVE-2022-41404
Description
An issue in the fetch() method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.ini4j:ini4jMaven | <= 0.5.4 | — |
Affected products
5- org.ini4j/org.ini4jdescription
- osv-coords4 versionspkg:apk/chainguard/druid-compatpkg:apk/wolfi/druid-compatpkg:maven/org.ini4j/ini4jpkg:rpm/opensuse/ini4j&distro=openSUSE%20Tumbleweed
< 34.0.0-r6+ 3 more
- (no CPE)range: < 34.0.0-r6
- (no CPE)range: < 34.0.0-r6
- (no CPE)range: <= 0.5.4
- (no CPE)range: < 0.5.4-1.1
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-jr6h-r7vg-f9mcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-41404ghsaADVISORY
- github.com/Checkmarx/Vulnerabilities-Proofs-of-Concept/tree/main/2022/CVE-2022-41404ghsaWEB
- lists.debian.org/debian-lts-announce/2022/11/msg00037.htmlghsamailing-listWEB
- sourceforge.net/p/ini4j/bugs/56ghsaWEB
- sourceforge.net/projects/ini4jghsaWEB
- sourceforge.net/p/ini4j/bugs/56/mitre
News mentions
0No linked articles in our index yet.