Security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec (important)

openSUSE security update: security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20841-1 Rating:...

OPENSUSE-SU-2026:20841-1 Security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec

This update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec fixes the following issues: Changes in apache-commons-lang3: Update to 3.20.0 New features: + Add SystemProperties.getPathString, Supplier + Add...

Security Bulletin: Security vulnerability found in the Red Hat Universal Minimal Base Image shipped with CICS Transaction Gateway for Multiplatforms.

Summary A sensitive information exposure is found in the Red Hat Universal Base Image Minimal shipped with CICS Transaction Gateway for Multiplatforms. The CICS Transaction Gateway for Multiplatforms container has been updated to address the vulnerability. Vulnerability Details IBM X-Force ID:...

Security Bulletin: The Document Service Container of IBM Stelring B2B Integrator and IBM Sterling File Gateway is vulnerable to Informaton Disclosure (177835)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the information disclosure security vulnerability Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper...

Security Bulletin: The IBM® Engineering Lifecycle Management is impacted by vulnerabilties in Apache Commons-Codec version less than 1.13

Summary A vulnerability has been identified in Apache Commons-Codec version less than 1.13, which is used in IBM Engineering Lifecycle Management - IBM Jazz. This bulletin contains information regarding vulnerabilities and remediation actions. Vulnerability Details IBM X-Force ID: 177835...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to information disclosure due to Apache Commons Codec (177835)

Summary IBM Sterling B2B Integrator uses Apache Commons Codec. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the...

OSV-2024-1313 Security exception in org.apache.commons.codec.language.bm.Rule$Phoneme.<init>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=379008019 Crash type: Security exception Crash state: org.apache.commons.codec.language.bm.Rule$Phoneme. org.apache.commons.codec.language.bm.Rule$Phoneme. org.apache.commons.codec.language.bm.PhoneticEngine$PhonemeBuilder.app...

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7

Summary cURL libcurl, Apache Xerces2 Java, Apache Jena, Spring Framework, json-smart-v1 and json-smart-v2 , libxml2, Apache Standard Taglibs , Apache ActiveMQ, Apache Commons Codec are identified as vulnerable components with multiple reported vulnerabilities, CVE-2022-35260, CVE-2022-42915,...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.0

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.0 Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitiv...

Security Bulletin: An IBM QRadar SIEM ArielRESTAPI protocol is vulnerable to Improper Validation (177835)

Summary The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal and is vulnerable to improper validation of input. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtai...

Fedora: Security Advisory for apache-commons-codec (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:0726-1 Security update for Java

This update for Java fixes the following issues: apache-commons-codec was updated to version 1.16.1: - Changes in version 1.16.1: New features: + Added Maven property project.build.outputTimestamp for build reproducibility Bugs fixed: + Correct error in Base64 Javadoc + Added minimum Java version...

Security Bulletin: IBM Cognos Transformer is affected by security vulnerabilities

Summary There are vulnerabilities in Apache Xalan, Apache Commons Codec, IBM® Java™ Version 8, and OpenSSL that are consumed by IBM Cognos Transformer. These have been addressed by upgrading or removing the vulnerable libraries. Please refer to the table in the Related Information section for...

Security Bulletin: Due to the use of Apache Commons Codec, IBM CICS Transaction Gateway for Multiplatforms is vulnerable to an information exposure.

Summary There is a vulnerability in Apache Commons Codec library which is shipped as part of IBM CICS Transaction Gateway for Multiplatforms. An update to IBM CICS Transaction Gateway for Multiplatforms has been released to address the vulnerability. Vulnerability Details IBM X-Force ID: 177835...

Security Bulletin: Security vulnerability in apache commons-codec may affect IBM Business Automation Workflow Case and Case History event emitters

Summary IBM Business Automation Workflow is vulnerable to an information leagage vulnerability. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. An attacker cou...

Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Governance - Identity Manager software component

Summary Multiple security vulnerabilities have been addressed in IBM Security Verify Governance - Identity Manager software component. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw...

Security Bulletin: Vulnerabilities in Apache Commons Codec affect IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments, and IBM Storage Protect for Space Management can lead to information disclosure

Summary IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments Data Protection for Hyper-V and Data Protection for VMware, and IBM Storage Protect for Space Management can be affected by a vulnerability in Apache Commons Codec library. The vulnerability can lead t...

Security Bulletin: Vulnerability in commons-codec-1.8.jar have affected IBM Engineering Lifecycle Optimization - Publishing

Summary This security bulletin addresses security vulnerabilities with Apache Commons Codec that have been remediated in latest iFixes of IBM Engineering Lifecycle Optimization - Publishing Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacke...

Security Bulletin: Multiple vulnerabilities in commons-codec-1.10.jar affect IBM Application Performance Management products

Summary There are multiple vulnerabilities in commons-codec-1.10.jar used by IBM Application Performance Management. IBM Applicatoon Performance Management has addressed the applicable CVEs. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attack...

Security Bulletin: Vulnerability found in commons-codec-1.5.jar which is shipped with IBM® Intelligent Operations Center(177835)

Summary Vulnerability have been identified in commons-codec-1.5.jar which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details IBM X-Force...