200 matches found
Security Bulletin: IBM Maximo Application Suite Predict Component uses CVE-2024-47554 detected in commons-io-2.11.0.jar (Publicly disclosed vulnerability found by Mend) which is vulnerable to CVE-2024-47554
Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses CVE-2024-47554 detected in commons-io-2.11.0.jar Publicly disclosed vulnerability found by Mend which is vulnerable to CVE-2024-47554. This bulletin contains information regarding the vulnerability and its fixture...
The vulnerability of the Apache Commons IO library, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of the Apache Commons IO library is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2022-34339, CVE-2021-3712, CVE-2021-3711, CVE-2021-4160, CVE-2021-29425, CVE-2021-3733, CVE-2021-3737, CVE-2022-0391, CVE-2021-43138, CVE-2022-24758)
Summary Security vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 FP6. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.2.3. A vulnerability where user credentials are stored in plain cleartext in a log and could be read by an authenticated us...
Security Bulletin: IBM Sterling Control Center is vulnerable to Apache Commons IO (CVE-2024-47554)
Summary Apache Commons IO jar vulnerability is impacting IBM Sterling Control Center v6.3.1 and v6.2.1 Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessivel...
Security Bulletin: IBM Sterrling B2B Integrator is Vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO (CVE-2024-47554)
Summary IBM Sterling B2B Integrator has addressed the uncontrolled resource consumption vulnerability from Apache Commons IO Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReade...
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed...
Security Bulletin: Due to use of Apache Commons IO, IBM MobileFirst Foundation is vulnerable to Uncontrolled Resource Consumption (CVE-2024-47554)
Summary Apache Commons IO is used by IBM MobileFirst Foundation as part of file handling operations. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively...
Linux Distros Unpatched Vulnerability : CVE-2024-47554
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resource...
ROS-20250219-07
The vulnerability in the Apache Commons IO library is due to the fact that the application does not properly control the internal resource consumption when processing unreliable input data passed to the class org.apache.commons.io.input.XmlStreamReader. Exploitation of the vulnerability could all...
Oracle WebCenter Portal (January 2025 CPU)
The 12.2.1.4.0 versions of WebCenter Portal installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2025 CPU advisory. - jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers...
Azure Linux 3.0 Security Update: apache-commons-io (CVE-2024-47554)
The version of apache-commons-io installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47554 advisory. - Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...
Security Bulletin: Denial of Service vulnerability in Apache Commons IO affects IBM Business Automation Workflow - CVE-2024-47554
Summary IBM Business Automation Workflow packages a vulnerable version of Apache Commons IO. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Apache Commons IO is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the...
Security Bulletin: Due to the use of Apache Commons IO, IBM WebSphere eXtreme Scale Liberty Deployment is vulnerable to an Uncontrolled Resource Consumption vulnerability
Summary YAJSW service is used for registering XSLD services with operating system. commons-io-2.11.0.jar bundled in YAJSW is vulnerable to CVE-2024-47554. This is fixed in yajsw-stable-13.13. Applying ifix PH65060 will upgrade YAJSW to 13.13 version. Vulnerability Details CVEID:CVE-2024-47554...
Security Bulletin: Vulnerability in Apache Commons IO affects IBM watsonx Assistant for IBM Cloud Pak for Data
Summary Potential vulnerability in Apache Commons IO has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resour...
Security Bulletin: Vulnerability in Apache Commons IO affects IBM watsonx Assistant for IBM Cloud Pak for Data
Summary Potential vulnerability in Apache Commons IO has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resour...
Security Bulletin: Vulnerability in Apache Commons IO affects IBM watsonx Assistant for IBM Cloud Pak for Data
Summary A potential vulnerability in Apache Commons IO has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Apache Commons IO i...
Security Bulletin: Vulnerability with Eclipse Jetty, e2fsprogs, dnsjava , Apache Commons IO, Apache HTTP Server and Java SE affect IBM Cloud Object Storage Systems (Dec 2024)
Summary Vulnerability with Eclipse Jetty CVE-2024-9823, CVE-2024-6763, CVE-2024-8184, e2fsprogs CVE-2022-1304 dnsjava CVE-2024-25638, Apache Commons IO. CVE-2024-47554 , Apache HTTP ServerCVE-2024-40725 and Java SE CVE-2024-21217,CVE-2024-21235, CVE-2024-21210. This vulnerability has been address...
Security Bulletin: Vulnerability in Apache Commons IO affects watsonx.data
Summary Apache Commons IO is vulnerable to a denial of service attack. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Apache Commons IO is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the...
Security Bulletin: IBM PowerVM Novalink is vulnerable because Apache Commons IO is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the org.apache.commons.io.input.XmlStreamReader class. ( CVE-2024-47554)
Summary IBM PowerVM Novalink is vulnerable because Apache Commons IO is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the org.apache.commons.io.input.XmlStreamReader class. By sending a specially crafted input, a remote attacker could exploit this...
Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to Apache Commons IO (CVE-2024-47554).
Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to Apache Commons IO CVE-2024-47554. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Apache Commons IO is...