4459 matches found
Mageia: Security Advisory (MGASA-2025-0299)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2025-0296)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2025-0299 Updated apache-commons-beanutils packages fix security vulnerability
Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default. CVE-2025-48734...
MGASA-2025-0293 Updated apache-commons-lang3 & apache-commons-lang packages fix security vulnerability
Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass... can throw a StackOverflowError on very long inputs. CVE-2025-48924...
MGASA-2025-0296 Updated apache-commons-fileupload packages fix security vulnerability
Apache Commons FileUpload: FileUpload DoS via part headers. CVE-2025-48976...
Updated apache-commons-lang3 & apache-commons-lang packages fix security vulnerability
Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass... can throw a StackOverflowError on very long inputs. CVE-2025-48924...
DoS (Denial of Service) Third-Party Dependency in Jira Service Management Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.10.0, 5.11.0, 5.12.0, 5.13.0, 5.14.0, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.0, 11.0.0 and and 11.1.0 of Jira Service Management Data Center and Server. This...
Security Bulletin: IBM Storage Insights is vulnerable to weakness related to Apache Commons Lang
Summary Vulnerabilities in Apache Commons Lang may affect IBM Storage Insights which could allow uncontrolled recursion. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...
Security Bulletin: IBM Jazz Reporting Service is vulnerable to uncontrolled resource consumption in Apache Commons IO.
Summary A vulnerability has been identified in the Apache Commons IO library. This issue affects IBM® Jazz Reporting Service and has been addressed as documented in the Remediation section CVE-2024-47554. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption...
Security Bulletin: WebSphere Application Server Liberty is affected by a denial of service due to Apache Commons FileUpload ( CVE-2025-48976)
Summary WebSphere Application Server Liberty is affected by a denial of service due to Apache Commons FileUpload CVE-2025-48976 Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache...
Security Bulletin: IBM Maximo Application Suite uses eventlet-0.40.1-py3-none-any.whl, commons-lang3-3.17.0.jar, net/http/internal 1.23.4 which is vulnerable to CVE-2025-58068, CVE-2025-48924, CVE-2025-22871
Summary IBM Maximo Application Suite uses eventlet-0.40.1-py3-none-any.whl, commons-lang3-3.17.0.jar, net/http/internal 1.23.4 which is vulnerable to CVE-2025-58068, CVE-2025-48924, CVE-2025-22871. This bulletin contains information regarding the vulnerability and how it is addressed. Vulnerabili...
Security Bulletin: Due to use of Apache Commons Lang, IBM Engineering Systems Design Rhapsody is affected by an Uncontrolled Recursion vulnerability
Summary Apache Commons Lang is used internally by IBM Engineering Systems Design Rhapsody CVE-2025-48924 Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...
Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM InfoSphere Information Server
Summary There are multiple vulnerabilities in IBM® WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server. These are addressed. Vulnerability Details CVEID:CVE-2025-36047 DESCRIPTION: IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable ...
Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities
Summary IBM Guardium Data Security Center has addressed these vulnerabilties with an update. Vulnerability Details CVEID:CVE-2025-41249 DESCRIPTION: The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationRuntime and IntegrationServer operands are vulnerable to improper access control [CVE-2025-48734]
Summary Apache Commons Beanutils is used by IBM App Connect Enterprise Certified Container when using MQ FTE. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationRuntime and IntegrationServer operands that run flows that use MQ FTE are vulnerable to improper access contro...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to uncontrolled recursion due to the Apache Commons Lang package (CVE-2025-48924)
Summary Apache Commons Lang is used by DataStage on Cloud Pak for Data as part of API processing functionality. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...
Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.
Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...
Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.
Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...
Security Bulletin: Multiple Vulnerabilities affect IBM Tivoli Netcool Impact
Summary Multiple vulnerabilities were addressed in IBM Tivoli Netcool Impact version 7.1.0.37 Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop...
Security Bulletin: Vulnerability Werkzeug, Twisted-22.10.0-py3, requests-2.32.2-py3, commons-lang-2.6, commons-fileupload-1.5, urllib3-2.2.2, jetty-server-9.4.56.v20240826 affect IBM Cloud Object Storage Systems (Oct 2025)
Summary Vulnerability with Werkzeug CVE-2024-34069, CVE-2023-46136 ,CVE-2024-49767, CVE-2024-49766 Twisted-22.10.0-py3 CVE-2024-41810, CVE-2023-46137, CVE-2024-41671, requests-2.32.2-py3 CVE-2024-47081, urllib3-2.2.2 CVE-2025-50182,CVE-2025-501810 commons-lang-2.6CVE-2025-48924,...