23 matches found
CVE-2026-42089
A flaw was found in Yeoman Environment. This vulnerability allows an attacker to install arbitrary packages and execute code during command-line interface CLI bootstrap. This occurs because the software installs missing local generator packages from caller-supplied names without user confirmation...
Weblate command-line client susceptible to SSL verification skip
Impact The SSL verification would be skipped for some crafted URLs. Patches https://github.com/WeblateOrg/wlc/pull/1097 Workarounds Avoid using untrusted wlc configurations, as that might cause insecure connections. References This issue was reported to us by wh1zee via HackerOne...
Uncontrolled Resource Consumption
Apache Commons Configuration is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to multiple design issues in the configuration loading and processing logic, where loading untrusted configuration files or allowing attacker-controlled usage patterns can trigger excessive C...
Security Bulletin: Uncontrolled Resource Consumption in Apache Commons Configuration 1.x When Loading Untrusted Configurations, affects watsonx.data
Summary Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons...
Linux Distros Unpatched Vulnerability : CVE-2025-46392
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow...
kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider
A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider...
Server-side Request Forgery (SSRF)
Overview org.apache.kafka:kafka-clients is a streaming platform that can publish and subscribe to streams of records, store streams of records in a fault-tolerant durable way, and process streams of records as they occur. Affected versions of this package are vulnerable to Server-side Request...
SUSE CVE-2025-46392
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due several issues in the loading of untrusted configurations. An attacker can cause excessive resource consumption by manipulating the configuration data or introducing unexpected...
GHSA-PVP8-3XJ6-8C6X Apache Commons Configuration Uncontrolled Resource Consumption
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
Apache Commons Configuration Uncontrolled Resource Consumption
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
CVE-2025-46392
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
DEBIAN-CVE-2025-46392
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
CVE-2025-46392
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
UBUNTU-CVE-2025-46392
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
CVE-2025-46392
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
CVE-2025-46392 Apache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
CVE-2025-46392 Apache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuratio...
CVE-2025-46392
CVE-2025-46392 describes an Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. The issue arises when loading untrusted configurations or using unusual usage patterns, leading to excessive resource use. The provided documents indicate that the Apache Commons Confi...
kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider
A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider...