Lucene search
K

2996 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/07/04 1:34 a.m.11 views

Security Bulletin: Due to IBM Storage Scale, IBM Cloud Pak System is affected by multiple vulnerabilities [CVE-2025-48976, CVE-2025-30204, CVE-2025-1137].

Summary Execute privileged command and denial of service vulnerabilities found in IBM Storage Scale previously known as IBM Spectrum Scale affect IBM Cloud Pak System. These vulnerabilities were addressed in IBM Cloud Pak System v2.3.6.1 and IBM Cloud Pak System v2.3.5.1 Vulnerability Details...

8.8CVSS7.1AI score0.64718EPSS
Exploits1Affected Software2
NVD
NVD
added 2026/06/30 11:17 p.m.11 views

CVE-2026-55223

c3p0 is a JDBC Connection pooling library. In versions prior to 0.14.0, c3p0 in combination with other libraries, can compose to a "sink" for deserialization gadgets. The JDBC spec's DataSource.getConnection and ConnectionPoolDataSource.getPooledConnection match the getXXX form, so JavaBean...

6.3CVSS0.00284EPSS
Exploits0References2
OSV
OSV
added 2026/06/26 7:59 a.m.3 views

SUSE-SU-2026:2642-1 Security update for apache-commons-configuration2, apache-commons-text

This update for apache-commons-configuration2, apache-commons-text fixes the following issues - CVE-2026-45205: uncontrolled recursion leads to StackOverflowError when processing specially crafted configuration files bsc1265299. Changes for apache-commons-configuration2: - Upgrade to version...

5.3CVSS5.5AI score0.00487EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/25 8:15 p.m.9 views

Security Bulletin: IBM Cloud Pak System is vulnerable to an Improper Access Control due to use of Apache Commons BeanUtils [CVE-2025-48734]

Summary Due to use of Apache Commons BeanUtils IBM Cloud Pak System is vulnerable to an Improper Access Control. IBM Cloud Pak System addressed vulnerability. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospecto...

8.8CVSS6.9AI score0.01548EPSS
Exploits1Affected Software1
OSV
OSV
added 2026/06/23 12:0 a.m.3 views

OPENSUSE-SU-2026:11105-1 apache-commons-validator-1.10.1-1.1 on GA media

These are all security issues fixed in the apache-commons-validator-1.10.1-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS6.7AI score0.96121EPSS
Exploits21References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 4:1 p.m.6 views

Security Bulletin: Multiple Vulnerabilities in IBM Datacap

Summary Multiple vulnerabilities were addressed in IBM Datacap version 9.1.9 Interim Fix 008. Vulnerability Details CVEID:CVE-2026-45205 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a...

7.5CVSS5AI score0.00743EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/15 10:14 a.m.14 views

Security Bulletin: IBM Engineering Systems Design Rhapsody TestConductor was affected by CVE-2025-48924

Summary IBM Engineering Systems Design Rhapsody TestConductor was vulnerable to an uncontrolled recursion on very long inputs. This could cause components using Apache Commons Lang to stop. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache...

5.3CVSS6.2AI score0.02164EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.22 views

Oracle E-Business Suite (April 2026 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite component: Setup and Administration. Supported...

9.8CVSS6.3AI score0.01916EPSS
Exploits7References21
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 9:11 p.m.6 views

Security Bulletin: The Apache Commons Lang library that is shipped with IBM ApplinX is vulnerable to an Uncontrolled Recursion vulnerability (CVE-2025-48924).

Summary The Apache Commons Lang library that is shipped with IBM ApplinX is vulnerable to an Uncontrolled Recursion vulnerability CVE-2025-48924. The version of the Apache Commons Lang library that is shipped with IBM ApplinX has been updated in order to address the vulnerability. Vulnerability...

5.3CVSS6.2AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/10 5:54 p.m.9 views

Security Bulletin: IBM SPSS Modeler is affected by vulnerabilities in Apache POI and Apache Commons Lang

Summary IBM SPSS Modeler is affected by vulnerabilities in Apache POI and Apache Commons Lang. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML...

5.3CVSS6.2AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 5:21 a.m.8 views

Security Bulletin: IBM Automation Decision Services for May 2026- Multiple CVEs addressed

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Automation Decision Services. See full list below. Vulnerability Details CVEID:CVE-2025-46295 DESCRIPTION: Apache Commons Text versions prior to 1.10.0 included...

9.8CVSS6.1AI score0.99931EPSS
Exploits43Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 4:50 p.m.8 views

Security Bulletin: IBM SPSS Modeler is affected by Improper Access Control vulnerability in Apache Commons

Summary IBM SPSS Modeler is affected by Improper Access Control vulnerability in Apache Commons. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class wa...

8.8CVSS7.1AI score0.01548EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.11 views

CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS5.4AI score0.00487EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/04 3:2 a.m.9 views

Security Bulletin: Due to use of spring-webmvc-6.2.17.jar, IBM Sterling Connect:Direct Web Services is affected by Uncontrolled Recursion vulnerability in Apache Commons.

Summary commons-configuration2-2.11.0.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-45205. Vulnerability Details CVEID:CVE-2026-45205 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will...

5.3CVSS5.8AI score0.00487EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.20 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache Commons Lang vulnerability (USN-8364-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8364-1 advisory. It was discovered that Apache Commons Lang incorrectly handled recursion in the ClassUtils.getClass...

5.3CVSS6.7AI score0.02164EPSS
Exploits0References2
OSV
OSV
added 2026/06/02 12:42 p.m.11 views

USN-8364-1 libcommons-lang-java, libcommons-lang3-java vulnerability

It was discovered that Apache Commons Lang incorrectly handled recursion in the ClassUtils.getClass method. An attacker could possibly use this issue to cause Apache Commons Lang to crash, resulting in a denial of service...

5.3CVSS6.6AI score0.02164EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/06/02 12:42 p.m.13 views

USN-8364-1: Apache Commons Lang vulnerability

It was discovered that Apache Commons Lang incorrectly handled recursion in the ClassUtils.getClass method. An attacker could possibly use this issue to cause Apache Commons Lang to crash, resulting in a denial of service...

5.3CVSS6.6AI score0.02164EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.9 views

openSUSE 16 Security Update : apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec (openSUSE-SU-2026:20841-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20841-1 advisory. Changes in apache-commons-lang3: Update to 3.20.0 New features: - Add SystemProperties.getPathString, Supplier - Add JavaVersion.JAVA25 - Add...

5.3CVSS6.5AI score0.02164EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/01 12:0 a.m.9 views

Security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec (important)

openSUSE security update: security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20841-1 Rating:...

8.7CVSS7AI score0.02164EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 5:43 p.m.13 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by denial of service (DoS) due to Apache Commons FileUpload

Summary Apache Commons FileUpload in WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of the parse and process HTTP requests for handling file uploads. CVE-2023-24998. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload...

7.5CVSS5.8AI score0.46836EPSS
Exploits1Affected Software1
Rows per page
Query Builder