Apache Commons Compress
How does this open source repository relate to critical infrastructure and healthcare?
Apache Commons Compress is used under the hood by thousands of other Java libraries. On Maven Central, it is the #1 Java compression library. Like xz, it is so ubiquitous that it can cause widespread harm if it is not secure.
What would vulnerabilities in this repository mean for critical infra & healthcare?
The most common vulnerabilities in this library would be denial-of-service flaws, which could impede data processing or cause applications to fail.
Challenges
Forget Midnight
movie
plan
