ROOT-APP-NPM-CVE-2026-35515 CVE-2026-35515 in @rootio/nestjs__core - Patched by Root

Root has patched CVE-2026-35515 in the @rootio/nestjscore package for Root:npm. Multiple fixed versions available...

CVE-2024-35515

creationtimestamp| type| source ---|---|--- 2026-05-26 13:14:11+00:00| seen| https://gist.github.com/JacobPEvans/1b0e61206f871d1ef47db465419c2245...

CVE-2024-35515 vulnerabilities

Vulnerabilities for packages: nemo...

MAL-2025-35515 Malicious code in test-mlw2-hided-works (npm)

The package test-mlw2-hided-works was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2021-35515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used ...

CVE-2024-35515

Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code...

CVE-2024-35515

Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code...

CVE-2024-35515

CVE-2024-35515 concerns insecure deserialization in the Python package sqlitedict (up to v2.1.0), enabling arbitrary code execution. Multiple connected sources corroborate that the vulnerable component is sqlitedict, and the root cause is insecure deserialization. Impact is high (arbitrary code e...

CVE-2024-35515

Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code...

Atlassian Confluence 7.19.23 < 7.19.25 / 8.5.x < 8.5.12 / 8.9.x < 8.9.4 (CONFSERVER-96100)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-96100 advisory. - When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java

Summary There are multiple vulnerabilities in Java used by IBM Cloud Transformation Advisor CVE-2021-46877, CVE-2021-0341, CVE-2021-35515, CVE-2021-35516, CVE-2024-30172. Vulnerability Details CVEID:CVE-2021-46877 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, cause...

Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache Commons Compress

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache Commons Compress shipped with product. Vulnerability Details CVEID:CVE-2021-35516 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memor...

Security Bulletin: IBM Security Verify Governance is vulnerable to denial of service due to use of Apache Commons Compress (CVE-2021-35517, CVE-2021-36090, CVE-2021-35515, CVE-2021-35516)

Summary IBM Security Verify Governance uses Apache Commons Compress which could allow a denial of service by a remote attacker, caused by multiple vulnerabilities CVE-2021-35517, CVE-2021-36090, CVE-2021-35515, CVE-2021-35516. The fix includes upgrading the Commons Collections jar to the patched...

CVE-2020-35515

...

CVE-2020-35515

CVE-2020-35515 is rejected/not used and does not represent an active vulnerability entry.

Security Bulletin: Apache Commons as used by IBM QRadar SIEM is vulnerable to denial of service (CVE-2021-35515, CVE-2021-35516, CVE-2021-36090, CVE-2021-35517)

Summary Apache Commons as used by IBM QRadar SIEM is vulnerable to denial of service. IBM has addressed the relevant CVEs. Vulnerability Details CVEID: CVE-2021-35515 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop flaw in the construction of...

Security Bulletin: Apache commons-compress security vulnerabilities in IBM Content Manager

Summary Apache commons-compress security vulnerabilities in IBM Content Navigator ICN toolkit affecting Administration Console for Content Platform Engine ACCE Vulnerability Details CVEID: CVE-2021-35516 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an...

Updated osgi-core/apache-commons-compress packages fix security vulnerability

When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package. CVE-2021-35515 When reading a specially crafted 7...

Security Bulletin: Apache Commons Compress Denial of Service Vulnerability Affects IBM Sterling Control Center (CVE-2021-35515)

Summary When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package. Vulnerability Details CVEID: CVE-2021-355...

Security Bulletin: IBM InfoSphere Information Server is affected by a denial of service vulnerability in Apache Commons Compress

Summary A denial of service vulnerability in Apache Commons Compress that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2021-35515 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop flaw in the...