4456 matches found
OPENSUSE-SU-2026:10784-1 apache-commons-configuration2-2.15.0-1.1 on GA media
These are all security issues fixed in the apache-commons-configuration2-2.15.0-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +3116 more potentially affected by CVE-2026-45205 via org.apache.commons:commons-configuration2 (>=2.0 <=2.14.0)
org.apache.commons:commons-configuration2 MAVEN version =2.0, =0.31.0, =0.1.9, =0.1.9, =0.1.9, =3.30.1.1, =3.10.0.5, =3.10.0.7, =0.2.3.5, =0.1.9, =1.2.3, =1.2.3, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0.ee-20260528111216 and more Source cves: CVE-2026-45205 Source advisory:...
Apache Commons Configuration: StackOverflowError for YAML input with cycles
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
GHSA-337M-MW94-2V6G Apache Commons Configuration: StackOverflowError for YAML input with cycles
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
UBUNTU-CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
EUVD-2026-30267
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205
CVE-2026-45205 describes an uncontrolled recursion (StackOverflowError) in Apache Commons Configuration when processing untrusted YAML configuration files with cycles. Affected versions are 2.2 prior to 2.15.0; the advisory recommends upgrading to 2.15.0 to fix the issue. Public disclosures acros...
CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
PT-2026-40906
Name of the Vulnerable Software and Affected Versions Apache Commons versions 2.2 through 2.14.x Description An uncontrolled recursion issue exists when processing untrusted configuration files. Specifically, the software throws a StackOverflowError—a runtime error that occurs when the call stack...
Apache Commons 安全漏洞
Apache Commons is an Apache project focused on reusable Java components, developed by the Apache Foundation in the United States. There were security vulnerabilities in versions of Apache Commons from 2.2 to 2.15.0. These vulnerabilities stemmed from uncontrolled recursion when processing YAML...
Linux Distros Unpatched Vulnerability : CVE-2026-45205
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError f...
Security Bulletin: Multiple security vulnerabilities affecting IBM Knowledge Catalog for IBM Cloud Pak for Data
Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed and customers should update to the recommended version of the product at the earliest opportunity. Vulnerability Details CVEID:CVE-2025-46392 DESCRIPTION...
RCE (Remote Code Execution) at mchange-commons-java dependency in Bamboo Data Center
This High severity RCE Remote Code Execution vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.9 and a CVSS Vector of...
DoS (Denial of Service) at commons-fileupload dependency in Crucible Server
This High severity DoS Denial of Service vulnerability was introduced in version 4.9.0 of Crucible Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to cause a resource to...