Lucene search
K

200 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/27 11:31 a.m.14 views

Security Bulletin: IBM Maximo Application Suite Predict Component uses CVE-2024-47554 detected in commons-io-2.11.0.jar (Publicly disclosed vulnerability found by Mend) which is vulnerable to CVE-2024-47554

Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses CVE-2024-47554 detected in commons-io-2.11.0.jar Publicly disclosed vulnerability found by Mend which is vulnerable to CVE-2024-47554. This bulletin contains information regarding the vulnerability and its fixture...

4.3CVSS4.8AI score0.01241EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.9 views

The vulnerability of the Apache Commons IO library, related to uncontrolled resource consumption, allows attackers to cause service failures.

The vulnerability of the Apache Commons IO library is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

5CVSS6.4AI score0.01241EPSS
Exploits0References8Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:27 a.m.234 views

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2022-34339, CVE-2021-3712, CVE-2021-3711, CVE-2021-4160, CVE-2021-29425, CVE-2021-3733, CVE-2021-3737, CVE-2022-0391, CVE-2021-43138, CVE-2022-24758)

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 FP6. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.2.3. A vulnerability where user credentials are stored in plain cleartext in a log and could be read by an authenticated us...

9.8CVSS9.7AI score0.87816EPSS
Exploits6Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 11:48 a.m.13 views

Security Bulletin: IBM Sterling Control Center is vulnerable to Apache Commons IO (CVE-2024-47554)

Summary Apache Commons IO jar vulnerability is impacting IBM Sterling Control Center v6.3.1 and v6.2.1 Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessivel...

4.3CVSS6.3AI score0.01241EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/10 3:46 p.m.4 views

Security Bulletin: IBM Sterrling B2B Integrator is Vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO (CVE-2024-47554)

Summary IBM Sterling B2B Integrator has addressed the uncontrolled resource consumption vulnerability from Apache Commons IO Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReade...

4.3CVSS6.7AI score0.01241EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2025/03/05 8:59 p.m.6 views

apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed...

4.3CVSS7AI score0.01241EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/05 1:58 p.m.8 views

Security Bulletin: Due to use of Apache Commons IO, IBM MobileFirst Foundation is vulnerable to Uncontrolled Resource Consumption (CVE-2024-47554)

Summary Apache Commons IO is used by IBM MobileFirst Foundation as part of file handling operations. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively...

4.3CVSS6.7AI score0.01241EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2024-47554

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resource...

4.3CVSS6.6AI score0.01241EPSS
Exploits0References4
Redos
Redos
added 2025/02/19 12:0 a.m.7 views

ROS-20250219-07

The vulnerability in the Apache Commons IO library is due to the fact that the application does not properly control the internal resource consumption when processing unreliable input data passed to the class org.apache.commons.io.input.XmlStreamReader. Exploitation of the vulnerability could all...

4.3CVSS4.5AI score0.01241EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/19 12:0 a.m.18 views

Oracle WebCenter Portal (January 2025 CPU)

The 12.2.1.4.0 versions of WebCenter Portal installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2025 CPU advisory. - jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers...

10CVSS7.2AI score0.01241EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.13 views

Azure Linux 3.0 Security Update: apache-commons-io (CVE-2024-47554)

The version of apache-commons-io installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47554 advisory. - Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...

4.3CVSS6.5AI score0.01241EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/07 4:25 p.m.18 views

Security Bulletin: Denial of Service vulnerability in Apache Commons IO affects IBM Business Automation Workflow - CVE-2024-47554

Summary IBM Business Automation Workflow packages a vulnerable version of Apache Commons IO. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Apache Commons IO is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the...

4.3CVSS4.8AI score0.01241EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/07 11:3 a.m.7 views

Security Bulletin: Due to the use of Apache Commons IO, IBM WebSphere eXtreme Scale Liberty Deployment is vulnerable to an Uncontrolled Resource Consumption vulnerability

Summary YAJSW service is used for registering XSLD services with operating system. commons-io-2.11.0.jar bundled in YAJSW is vulnerable to CVE-2024-47554. This is fixed in yajsw-stable-13.13. Applying ifix PH65060 will upgrade YAJSW to 13.13 version. Vulnerability Details CVEID:CVE-2024-47554...

4.3CVSS4.4AI score0.01241EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 8:46 p.m.17 views

Security Bulletin: Vulnerability in Apache Commons IO affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in Apache Commons IO has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resour...

4.3CVSS5.3AI score0.01241EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 8:35 p.m.10 views

Security Bulletin: Vulnerability in Apache Commons IO affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in Apache Commons IO has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resour...

4.3CVSS5.3AI score0.01241EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 8:21 p.m.11 views

Security Bulletin: Vulnerability in Apache Commons IO affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential vulnerability in Apache Commons IO has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Apache Commons IO i...

4.3CVSS5.2AI score0.01241EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 1:7 a.m.36 views

Security Bulletin: Vulnerability with Eclipse Jetty, e2fsprogs, dnsjava , Apache Commons IO, Apache HTTP Server and Java SE affect IBM Cloud Object Storage Systems (Dec 2024)

Summary Vulnerability with Eclipse Jetty CVE-2024-9823, CVE-2024-6763, CVE-2024-8184, e2fsprogs CVE-2022-1304 dnsjava CVE-2024-25638, Apache Commons IO. CVE-2024-47554 , Apache HTTP ServerCVE-2024-40725 and Java SE CVE-2024-21217,CVE-2024-21235, CVE-2024-21210. This vulnerability has been address...

8.9CVSS8.4AI score0.04134EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 2:32 p.m.12 views

Security Bulletin: Vulnerability in Apache Commons IO affects watsonx.data

Summary Apache Commons IO is vulnerable to a denial of service attack. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Apache Commons IO is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the...

4.3CVSS4.8AI score0.01241EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.17 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because Apache Commons IO is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the org.apache.commons.io.input.XmlStreamReader class. ( CVE-2024-47554)

Summary IBM PowerVM Novalink is vulnerable because Apache Commons IO is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the org.apache.commons.io.input.XmlStreamReader class. By sending a specially crafted input, a remote attacker could exploit this...

4.3CVSS7AI score0.01241EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.13 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to Apache Commons IO (CVE-2024-47554).

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to Apache Commons IO CVE-2024-47554. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Apache Commons IO is...

4.3CVSS6.3AI score0.01241EPSS
Exploits0Affected Software1
Rows per page
Query Builder