Lucene search
K

2996 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/08 1:15 p.m.5 views

Security Bulletin: IBM SPSS Analytic Server is affected by a vulnerability in Apache Commons Lang (CVE-2025-48924).

Summary IBM SPSS Analytic Server is affected by a vulnerability in Apache Commons Lang CVE-2025-48924. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache...

5.3CVSS6.7AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/06 12:17 a.m.5 views

Security Bulletin: IBM Event Processing is affected by multiple Vulnerabilities in IBM Operator for Apache Flink

Summary IBM Event Processing is affected by multiple Vulnerabilities in IBM Operator for Apache Flink 1.4.5 Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers...

7.5CVSS6AI score0.02164EPSS
Exploits1Affected Software1
GithubExploit
GithubExploit
added 2026/01/02 5:55 a.m.255 views

Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889-text4shell Description This script is a pe...

9.8CVSS7.8AI score0.99931EPSS
Exploits41
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/31 3:31 p.m.6 views

Security Bulletin: IBM Event Streams is vulnerable to Uncontrolled Recursion vulnerability (CVE-2025-48924)

Summary IBM Event Streams is vulnerable to Uncontrolled Recursion vulnerability due to the use of the Apache Commons Lang artifact. This artifact primarily used for utility functions such as string manipulation, object comparison, and handling common operations that simplify Java development...

5.3CVSS6.6AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 6:2 a.m.10 views

Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling Partner Engagement Manager

Summary Multiple vulnerabilities were addressed in IBM Sterling Partner Engagement Manager versions 6.2.3.5 and 6.2.4.2. Vulnerability Details CVEID:CVE-2025-36124 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 could allow a remote attacker to bypass security...

7.5CVSS8AI score0.93305EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/17 2:53 p.m.8 views

Security Bulletin: IBM App Connect Enterprise Toolkit and IBM Integration Bus for z/OS Toolkit are vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO (CVE-2024-47554)

Summary IBM App Connect Enterprise Toolkit and IBM Integration Bus for z/OS Toolkit are vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...

4.3CVSS6.6AI score0.01241EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/12/17 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: apache-commons-lang3 (UTSA-2025-991256)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991256 advisory. Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting withcommons-lang:commons-lang2.0 to 2.6, and, from...

5.3CVSS6.4AI score0.02164EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/12/16 11:13 p.m.2 views

commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

An uncontrolled recursion flaw was found in the Apache Commons Lang library. The ClassUtils.getClass... method can throw a StackOverflowError on very long inputs. Since this error is typically not handled by applications and libraries, a StackOverflowError may lead to the termination of an...

5.3CVSS7.1AI score0.02164EPSS
Exploits0References5
OSV
OSV
added 2025/12/16 6:16 p.m.5 views

CVE-2025-46295

Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could...

9.8CVSS6AI score0.00919EPSS
Exploits0References1
NVD
NVD
added 2025/12/16 6:16 p.m.10 views

CVE-2025-46295

Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could...

9.8CVSS0.00919EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/16 6:7 p.m.5 views

CVE-2025-46295

Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could...

7.8AI score0.00919EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/16 6:7 p.m.36 views

CVE-2025-46295

Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could...

0.00919EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/16 10:53 a.m.4 views

Security Bulletin:Vulnerability in Apache Commons HttpClient affects IBM Netezza Appliance

Summary The Apache Commons HttpClient package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2012-5783 Vulnerability Details CVEID:CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java...

5.8CVSS6.5AI score0.09254EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/16 10:45 a.m.6 views

Security Bulletin:Vulnerability in Apache Commons HttpClient affects IBM Netezza Appliance

Summary The Apache Commons HttpClient package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2012-6153 Vulnerability Details CVEID:CVE-2012-6153 DESCRIPTION: http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not...

4.3CVSS6.4AI score0.05844EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.8 views

PT-2025-51764

Name of the Vulnerable Software and Affected Versions Apache Commons Text versions prior to 1.10.0 FileMaker Server versions prior to 22.0.4 Description Apache Commons Text versions prior to 1.10.0 contain interpolation features that could be exploited when applications process untrusted input...

10CVSS7.9AI score0.00919EPSS
Exploits0References17
Redos
Redos
added 2025/12/16 12:0 a.m.3 views

ROS-20251216-7307

A vulnerability in the FTP Client component of the Apache Commons Net library is related to the use of open redirection with insufficient input data validation during PASV response processing. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected...

6.5CVSS7AI score0.01858EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/16 12:0 a.m.9 views

Apache Commons FileUpload < 1.6 , 2.0.0-M1 < 2.0.0-M4 Denial of Service (CVE-2025-48976)

The version of Apache Commons FileUpload on the remote host is 1.6 , 2.0.0-M1 2.0.0-M4. It is, therefore, affected by a denial of service vulnerability due to allocation of resources for multipart headers with insufficient limits. Note that Nessus has not tested for these issues but has instead...

7.5CVSS7.3AI score0.64718EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/15 11:19 a.m.5 views

Security Bulletin: due to the use of Apache Commons Lang, IBM Transformation Extender Advanced is vulnerable to Uncontrolled Recursion vulnerability

Summary Apache Commons Lang is used by IBM Transformation Extender Advanced also known as IBM Standards Processing Engine as part of common utility helpers . CVE-2024-47554 Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This...

5.3CVSS6.2AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/15 11:18 a.m.8 views

Security Bulletin: due to the use of Apache Commons FileUpload, IBM Transformation Extender Advanced is vulnerable to DoS vulnerability

Summary Apache Commons FileUpload is used by IBM Transformation Extender Advanced also known as IBM Standards Processing Engine as part of common utility helpers. CVE-2024-47554 Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient...

7.5CVSS6.6AI score0.64718EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.2 views

SUSE SLES12 Security Update : apache-commons-lang3 (SUSE-SU-2025:02786-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:02786-1 advisory. - CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. bsc1246397 Tenable has extracted the preceding description blo...

5.3CVSS6.4AI score0.02164EPSS
Exploits0References5
Rows per page
Query Builder