4456 matches found

IBM Security Bulletins
added 2026/06/11 9:11 p.m., 5 views

Security Bulletin: The Apache Commons Lang library that is shipped with IBM ApplinX is vulnerable to an Uncontrolled Recursion vulnerability (CVE-2025-48924).

Summary: The Apache Commons Lang library that is shipped with IBM ApplinX is vulnerable to an Uncontrolled Recursion vulnerability (CVE-2025-48924). The version of the Apache Commons Lang library that is shipped with IBM ApplinX has been updated in order to address the vulnerability. Vulnerability...

CVSS 5.3, AI score 6.2, EPSS 0.02164
Exploits: 0, Affected Software: 1
RedhatCVE
added 2026/06/11 2:59 a.m., 9 views

CVE-2026-41711

A flaw was found in Spring Data Commons. Applications using this component may be vulnerable to a Denial of Service (DoS) attack. A remote attacker could exploit this by sending specially crafted Sort parameters, leading to a StackOverflowException and causing the application to become unavailable...

CVSS 5.9, AI score 5.6, EPSS 0.0028
Exploits: 0, References: 4
IBM Security Bulletins
added 2026/06/10 5:54 p.m., 7 views

Security Bulletin: IBM SPSS Modeler is affected by vulnerabilities in Apache POI and Apache Commons Lang

Summary: IBM SPSS Modeler is affected by vulnerabilities in Apache POI and Apache Commons Lang. This has been addressed in the remediation section. Vulnerability Details: CVEID: CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML...

CVSS 5.3, AI score 6.2, EPSS 0.02164
Exploits: 0, Affected Software: 1
Snyk
added 2026/06/10 1:13 a.m., 7 views

Allocation of Resources Without Limits or Throttling

Overview: org.springframework.data:spring-data-commons is a Maven plugin to centralize common resources and configuration for Spring Data Maven builds. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the property-lookup cache. An attacke...

CVSS 8.7, AI score 5.4, EPSS 0.00363
Exploits: 0, References: 2
Snyk
added 2026/06/10 1:13 a.m., 5 views

Denial of Service (DoS)

Overview: org.springframework.data:spring-data-commons is a Maven plugin to centralize common resources and configuration for Spring Data Maven builds. Affected versions of this package are vulnerable to Denial of Service (DoS) via the MappingContext property path resolution. An attacker can cause...

CVSS 8.7, AI score 5.5, EPSS 0.00363
Exploits: 0, References: 2
Snyk
added 2026/06/10 1:13 a.m., 7 views

Denial of Service (DoS)

Overview: org.springframework.data:spring-data-commons is a Maven plugin to centralize common resources and configuration for Spring Data Maven builds. Affected versions of this package are vulnerable to Denial of Service (DoS) via data binding. An attacker can exhaust system memory resources by...

CVSS 8.2, AI score 5.6, EPSS 0.00331
Exploits: 0, References: 2
EUVD
added 2026/06/10 12:31 a.m., 10 views

EUVD-2026-35902

Spring Data Commons contains a vulnerability that can lead to a Denial of Service (DoS) condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

CVSS 5.9, AI score 5.5, EPSS 0.00331
Exploits: 0, References: 2
EUVD
added 2026/06/10 12:31 a.m., 8 views

EUVD-2026-35897

Applications using Spring Data Commons may be vulnerable to a Denial of Service (DoS) attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through...

CVSS 5.9, AI score 5.4, EPSS 0.0028
Exploits: 0, References: 2
NVD
added 2026/06/10 12:16 a.m., 11 views

CVE-2026-41711

Applications using Spring Data Commons may be vulnerable to a Denial of Service (DoS) attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through...

CVSS 5.9, EPSS 0.0028
Exploits: 0, References: 1
NVD
added 2026/06/10 12:16 a.m., 12 views

CVE-2026-41721

Spring Data Commons contains a vulnerability that can lead to a Denial of Service (DoS) condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

CVSS 5.9, EPSS 0.00331
Exploits: 0, References: 1
NVD
added 2026/06/10 12:16 a.m., 24 views

CVE-2026-41695

Spring Data Commons applications may be vulnerable to denial of service through resource exhaustion when attacker-controlled property path strings are passed to MappingContext property path resolution. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through...

CVSS 7.5, EPSS 0.00363
Exploits: 0, References: 1
CNNVD
added 2026/06/10 12:0 a.m., 18 views

VMware Spring Data Commons Resource Management Error Vulnerability

VMware Spring Data Commons is a data access abstraction framework developed by VMware Corporation in the United States. Vulnerabilities exist in versions 4.0.0 and earlier, as well as versions 3.5.0 and earlier, 3.4.0 and earlier, 3.3.0 and earlier, 3.2.0 and earlier, 3.1.0 and earlier, 3.0.0 and...

CVSS 5.9, AI score 5.3, EPSS 0.00331
Exploits: 0, References: 1
CNNVD
added 2026/06/10 12:0 a.m., 13 views

VMware Spring Data Commons Security Vulnerability

VMware Spring Data Commons is a data access abstraction framework developed by VMware, Inc. There is a security vulnerability in VMware Spring Data Commons. This vulnerability stems from the internal property lookup cache, which permanently retains strings provided by attackers as cache keys...

CVSS 7.5, AI score 5.4, EPSS 0.00363
Exploits: 0, References: 1
CNNVD
added 2026/06/10 12:0 a.m., 15 views

VMware Spring Data Commons Resource Management Error Vulnerability

VMware Spring Data Commons is a data access abstraction framework developed by VMware Corporation in the United States. There is a resource management vulnerability in VMware Spring Data Commons. This vulnerability arises when the attribute path string controlled by the attacker is passed to the...

CVSS 7.5, AI score 5.3, EPSS 0.00363
Exploits: 0, References: 1
Vulnrichment
added 2026/06/09 11:48 p.m., 7 views

CVE-2026-41721 Spring Data Commons Denial of Service via Data Binding

Spring Data Commons contains a vulnerability that can lead to a Denial of Service (DoS) condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

CVSS 5.9, AI score 5.4, EPSS 0.00331
Exploits: 0, References: 1
CVE
added 2026/06/09 11:48 p.m., 48 views

CVE-2026-41721

Spring Data Commons vulnerability (CVE-2026-41721) can cause a Denial of Service when Spring Data Web Support is enabled and a controller uses @ProjectedPayload; a specially crafted HTTP request may cause excessive memory allocation. Affected versions include Spring Data Commons 4.0.0–4.0.5; 3.5....

CVSS 5.9, AI score 5.5, EPSS 0.00331
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2026/06/09 11:48 p.m., 40 views

CVE-2026-41721 Spring Data Commons Denial of Service via Data Binding

Spring Data Commons contains a vulnerability that can lead to a Denial of Service (DoS) condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

CVSS 5.9, EPSS 0.00331
Exploits: 0, References: 1
Cvelist
added 2026/06/09 11:48 p.m., 38 views

CVE-2026-41711 Potential Denial of Service through crafted Sort Parameters

Applications using Spring Data Commons may be vulnerable to a Denial of Service (DoS) attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through...

CVSS 5.9, EPSS 0.0028
Exploits: 0, References: 1
Vulnrichment
added 2026/06/09 11:48 p.m., 8 views

CVE-2026-41711 Potential Denial of Service through crafted Sort Parameters

Applications using Spring Data Commons may be vulnerable to a Denial of Service (DoS) attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through...

CVSS 5.9, AI score 5.4, EPSS 0.0028
Exploits: 0, References: 1
CVE
added 2026/06/09 11:48 p.m., 40 views

CVE-2026-41711

Summary: CVE-2026-41711 affects Spring Data Commons and can cause a Denial of Service via a StackOverflowException when parsing Sort parameters. Affected versions include 4.0.0–4.0.5; 3.5.0–3.5.11; 3.4.0–3.4.14; 3.3.0–3.3.16; 3.2.0–3.2.15; 3.1.0–3.1.14; 3.0.0–3.0.15; 2.7.0–2.7.19. The provided do...

CVSS 5.9, AI score 5.4, EPSS 0.0028
Exploits: 0, References: 1, Affected Software: 1