RockyLinux 9 : tomcat (RLSA-2025:14181)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:14181 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125...

RockyLinux 10 : tomcat (RLSA-2025:14179)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:14179 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125...

EUVD-2023-1002

Malicious code in bioql PyPI...

EUVD-2022-5378

Malicious code in bioql PyPI...

EUVD-2022-1848

Malicious code in bioql PyPI...

EUVD-2022-3716

Malicious code in bioql PyPI...

EUVD-2025-18407

Malicious code in bioql PyPI...

EUVD-2023-54607

Malicious code in bioql PyPI...

EUVD-2023-1026

Malicious code in bioql PyPI...

RLSA-2025:14179 Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125 apache-commons-fileupload: Apache...

tomcat security update

An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Page...

RLSA-2025:14178 Important: tomcat9 security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...

Security Bulletin: Multiple vulnerabilities within WebSphere Application and IBM HTTP Server, affect IBM Tivoli Monitoring.

Summary Multiple vulnerabilities within WebSphere Application and IBM HTTP Server which is included as part of IBM Tivoli Monitoring ITM portal server have been remediated. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limi...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons FileUpload (CVE-2025-48976)

Summary A vulnerability in Apache Commons FileUpload that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons...

ROS-20250929-04

Vulnerability of MultipartStream class of the Commons FileUpload library exists due to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service consumption of computational resources using a long string...

Security Bulletin: IBM i is affected by denial of service vulnerabilities in IBM WebSphere Application Server Liberty [CVE-2025-36097, CVE-2025-36047, CVE-2025-48976]

Summary IBM WebSphere Application Server Liberty for IBM i is vulnerable to a denial of service by sending a specially crafted request that causes the server to consume excessive memory resources CVE-2025-36097, CVE-2025-36047 and by allocation of resources for multipart headers with insufficient...

Security Bulletin: IBM SPSS Analytic Server is affected by a Denial of Service (DoS) vulnerability in Apache Commons FileUpload.

Summary IBM SPSS Analytic Server is affected by a Denial of Service DoS vulnerability in Apache Commons FileUpload. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits...

DoS (Denial of Service) Third-Party Dependency in Jira Software Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.10.0, 9.11.0, 9.12.0, 9.13.0, 9.14.0, 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.0, and 11.0.0 of Jira Software Data Center and Server. This Third-Party Dependency...

ROS-20250911-09

A vulnerability in the Apache Commons FileUpload library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service due to Apache Commons FileUpload (CVE-2025-48976)

Summary There is a vulnerability in Apache Commons FileUpload which affects IBM WebSphere Application Server traditional and affects IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0 or servlet-6.0 feature enabled. Vulnerability Details...