Astra Linux - уязвимость в commons-io

In Apache Commons IO before version 2.7, when the FileNameUtils.normalize method was called with an improper input string, such as “//../foo” or “\..\foo”, the result would be the same value. This potentially allowed access to files in the parent directory, but not further up the path thus...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache Commons IO vulnerability (USN-8191-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8191-1 advisory. It was discovered that Apache Commons IO's XmlStreamReader class could excessively consume CPU resourc...

USN-8191-1 commons-io vulnerability

It was discovered that Apache Commons IO's XmlStreamReader class could excessively consume CPU resources under certain circumstances. An attacker could possibly use this issue to cause Apache Commons IO to crash, resulting in a denial of service...

Security Bulletin: Vulnerability in Apache Commons IO (CVE-2024-47554) affects IBM WebSphere Service Registry and Repository.

Summary An Uncontrolled Resource Consumption vulnerability in Apache Commons IO CVE-2024-47554 affects IBM WebSphere Service Registry and Repository. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...

Security Bulletin: Uncontrolled Resource Consumption Vulnerability in Apache Commons IO XmlStreamReader, affects watsonx.data

Summary Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended ...

Security Bulletin: IBM App Connect Enterprise Toolkit and IBM Integration Bus for z/OS Toolkit are vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO (CVE-2024-47554)

Summary IBM App Connect Enterprise Toolkit and IBM Integration Bus for z/OS Toolkit are vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...

EUVD-2021-0828

Malware in sbrugna...

Security Bulletin: due to the use of Apache Commons IO, IBM Transformation Extender Advanced is vulnerable to excessive CPU consumption

Summary Apache Commons IO is used by IBM Transformation Extender Advanced also known as IBM Standards Processing Engine as part of .... CVE-2024-47554 Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...

Security Bulletin: Uncontrolled Resource Consumption vulnerability in Apache Commons IO, which affects IBM watsonx.data

Summary Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended ...

Medium: apache-commons-io

Issue Overview: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in commons-io-2.8.0.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of commons-io-2.8.0.jar Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consu...

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to Apache Commons IO.

Summary Security Bulletin:IBM Sterling External Authentication Server is vulnerable to Apache Commons IO. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may...

Security Bulletin: Multiple Vulnerabilities in IBM Event Streams

Summary Multiple vulnerabilities were addressed in IBM Event Streams version 11.8.1. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU...

Security Bulletin: IBM App Connect for Healthcare is vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO ( CVE-2024-47554 )

Summary IBM App Connect for Healthcare is vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class m...

Security Bulletin: Security Vulnerability in Apache Commons IO Affect IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2024-47554)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Apache Commons IO Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...

Security Bulletin: IBM Engineering Systems Design Rhapsody affected by CVE-2024-47554

Summary commons-io-2.11.0.jar was vulnerable and IBM Engineering Systems Design Rhapsodyhas upgraded JAR to 2.14.0. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class m...

Amazon Linux 2023 : apache-commons-io, apache-commons-io-javadoc (ALAS2023-2025-986)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-986 advisory. Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted inpu...

Medium: apache-commons-io

Issue Overview: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are...

Medium: apache-commons-io

Issue Overview: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are...

Amazon Linux 2023 : javapackages-bootstrap (ALAS2023-2025-970)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-970 advisory. Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted inpu...