205 matches found
CVE-2025-46392
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
UBUNTU-CVE-2025-46392
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
CVE-2025-46392
CVE-2025-46392 describes an Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. The issue arises when loading untrusted configurations or using unusual usage patterns, leading to excessive resource use. The provided documents indicate that the Apache Commons Confi...
CVE-2025-46392 Apache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
CVE-2025-46392 Apache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
CVE-2025-46392
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
Apache Commons Configuration 资源管理错误漏洞
Apache Commons Configuration is a generic configuration interface from the Apache Foundation that is primarily used to enable Java applications to read configuration data from multiple sources. A resource management error vulnerability exists in Apache Commons Configuration version 1.x. The...
PT-2025-20548 · Apache +1 · Apache Commons Configuration +1
Name of the Vulnerable Software and Affected Versions: Apache Commons Configuration versions 1.x Description: The issue is related to Uncontrolled Resource Consumption in Apache Commons Configuration 1.x, which can lead to excessive resource consumption when loading untrusted configurations or...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to out of bounds writes due to hbase-client
Summary hbase-client is used by the ds-cas-lite microservice as part of the Java client HBase API. Vulnerability Details CVEID:CVE-2024-29131 DESCRIPTION: Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Use...
Linux Distros Unpatched Vulnerability : CVE-2024-29131
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended...
Linux Distros Unpatched Vulnerability : CVE-2024-29133
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended...
Atlassian Confluence 6.0 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-97794)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-97794 advisory. - Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users a...
DoS (Denial of Service) org.apache.commons:commons-configuration2 Dependency in Confluence Data Center and Server
This High severity org.apache.commons:commons-configuration2 Dependency vulnerability was introduced in versions 6.0 of Confluence Data Center and Server. This org.apache.commons:commons-configuration2 Dependency vulnerability, with a CVSS Score of 7.3 and a CVSS Vector of...
IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7150045)
The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6 IBM. It is, therefore, affected by multiple vulnerabilities as referenced in the 7150045 advisory. - Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons...
Atlassian Confluence 1.0.1 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-95975)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95975 advisory. - Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users a...
Atlassian Confluence 1.0.1 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-95974)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95974 advisory. - Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users a...
Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues due to Apache Commons Configuration and Fasterxml jackson-databind
Summary There are vulnerabilities in Apache Commons Configuration and Fasterxml jackson-databind used by Install Agent, Integrated File Agent and Integrated Web Services in IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the...
commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator. This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that...
commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flattenObject, int with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a...
Security Bulletin: IBM® Db2® federated server is affected by vulnerabilities in the open source commons-configuration2 library. (CVE-2024-29131, CVE-2024-29133)
Summary IBM® Db2® federated server is affected by vulnerabilities in the open source commons-configuration2 library when using the NoSQL Hadoop wrapper. Vulnerability Details CVEID:CVE-2024-29131 DESCRIPTION: Apache Commons Configuration could allow a remote attacker to execute arbitrary code on...