Lucene search
K

2996 matches found

osv
osv
added 2026/05/29 8:49 a.m.8 views

OPENSUSE-SU-2026:20841-1 Security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec

This update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec fixes the following issues: Changes in apache-commons-lang3: Update to 3.20.0 New features: + Add SystemProperties.getPathString, Supplier + Add...

5.3CVSS6.5AI score0.02164EPSS
Exploits0References3
osv
osv
added 2026/05/29 8:47 a.m.8 views

SUSE-SU-2026:21996-1 Security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec

This update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec fixes the following issues: Changes in apache-commons-lang3: Update to 3.20.0 New features: + Add SystemProperties.getPathString, Supplier + Add...

5.3CVSS5.5AI score0.02164EPSS
Exploits0References4
osv
osv
added 2026/05/27 1:20 p.m.8 views

USN-8322-1 commons-beanutils vulnerability

It was discovered that Apache Commons BeanUtils incorrectly allowed access to the declaredClass property of Java enum objects when handling externally supplied property paths. An attacker could possibly use this issue to execute arbitrary code...

8.8CVSS7.5AI score0.01548EPSS
Exploits1References2
susecve
susecve
added 2026/05/27 4:14 a.m.4 views

SUSE CVE-2023-42503

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...

5.5CVSS6.8AI score0.00489EPSS
Exploits0References3
susecve
susecve
added 2026/05/27 2:57 a.m.10 views

SUSE CVE-2025-48734

Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default...

8.8CVSS6.8AI score0.01548EPSS
Exploits1References7
nessus
nessus
added 2026/05/22 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: apache-commons-io (UTSA-2026-016648)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016648 advisory. In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like //../foo, or ..\foo, the result would be the...

5.8CVSS6.8AI score0.10608EPSS
Exploits1References4
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libcommons-compress-java

There is a vulnerability related to the “Unreachable Exit Condition” „Infinite Loop“ in Apache Commons Compress. This issue affects Apache Commons Compress versions from 1.3 to 1.25.0. Users are recommended to upgrade to version 1.26.0, which fixes this issue...

8.1CVSS6.6AI score0.00441EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in commons-io

In Apache Commons IO before version 2.7, when the FileNameUtils.normalize method was called with an improper input string, such as “//../foo” or “\..\foo”, the result would be the same value. This potentially allowed access to files in the parent directory, but not further up the path thus...

5.8CVSS6.6AI score0.10608EPSS
Exploits1References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in bcel

Apache Commons BCEL includes several APIs that typically only allow modifying specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to generate arbitrary bytecode. This could lead to abuse in applications that send attacker-controllable data to tho...

9.8CVSS6.9AI score0.02836EPSS
Exploits0References1
opensuse
opensuse
added 2026/05/17 12:0 a.m.13 views

apache-commons-configuration2-2.15.0-1.1 on GA media (moderate)

apache-commons-configuration2-2.15.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10784-1 Rating: moderate Cross-References: CVE-2025-48924 CVE-2026-45205 CVSS scores: CVE-2025-48924 SUSE : 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-48924 SUSE : 5.7...

8.7CVSS5.8AI score0.02164EPSS
Exploits0
osv
osv
added 2026/05/16 12:0 a.m.5 views

OPENSUSE-SU-2026:10784-1 apache-commons-configuration2-2.15.0-1.1 on GA media

These are all security issues fixed in the apache-commons-configuration2-2.15.0-1.1 package on the GA media of openSUSE Tumbleweed...

5.3CVSS6.8AI score0.02164EPSS
Exploits0References2
susecve
susecve
added 2026/05/15 1:58 a.m.12 views

SUSE CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

7.5CVSS5.8AI score0.00487EPSS
Exploits0References5
vulnersosv
vulnersosv
added 2026/05/14 1:16 p.m.10 views

ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +3116 more potentially affected by CVE-2026-45205 via org.apache.commons:commons-configuration2 (>=2.0 <=2.14.0)

org.apache.commons:commons-configuration2 MAVEN version =2.0, =0.31.0, =0.1.9, =0.1.9, =0.1.9, =3.30.1.1, =3.10.0.5, =3.10.0.7, =0.2.3.5, =0.1.9, =1.2.3, =1.2.3, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0.ee-20260528111216 and more Source cves: CVE-2026-45205 Source advisory:...

5.3CVSS5.7AI score0.00487EPSS
Exploits0
osv
osv
added 2026/05/14 12:30 p.m.7 views

GHSA-337M-MW94-2V6G Apache Commons Configuration: StackOverflowError for YAML input with cycles

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS5.8AI score0.00487EPSS
Exploits0References5
github
github
added 2026/05/14 12:30 p.m.20 views

Apache Commons Configuration: StackOverflowError for YAML input with cycles

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS5.8AI score0.00487EPSS
Exploits0References5Affected Software1
nvd
nvd
added 2026/05/14 12:16 p.m.48 views

CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS0.00487EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2026/05/14 12:16 p.m.11 views

CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS5.8AI score0.00487EPSS
Exploits0References6
osv
osv
added 2026/05/14 12:16 p.m.8 views

UBUNTU-CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS5.8AI score0.00487EPSS
Exploits0References7
cvelist
cvelist
added 2026/05/14 11:22 a.m.56 views

CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

0.00487EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/14 11:22 a.m.11 views

CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.8AI score0.00487EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder