CBL Mariner 2.0 Security Update: apache-commons-io (CVE-2024-47554)
The version of apache-commons-io installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47554 advisory. - Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...
CVE-2024-47554 affecting package apache-commons-io for versions less than 2.14.0-1
CVE-2024-47554 affecting package apache-commons-io for versions less than 2.14.0-1. An upgraded version of the package is available that resolves this issue...
Exploit for Deserialization of Untrusted Data in Alibaba Fastjson
CVE-2022-25845-In-Spring Main dependencies: 1. jackson 2. commons-io Quick...
Security Bulletin: IBM Sterling Control Center is vulnerable due to Apache Commons issue
Summary Apache Commons is affecting IBM Sterling Control Center v6.2.1 and v6.3.1. Vulnerability Details CVEID:CVE-2024-29131 DESCRIPTION: Apache Commons Configuration could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write vulnerability. By sending...
Apache Commons IO 2.0.x < 2.14.0 DoS Vulnerability
The Apache Commons IO library is prone to a denial of service (DoS) vulnerability.
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed...
Security Bulletin: IBM Master Data Management vulnerable to denial of service from Apache Commons FileUpload (CVE-2023-24998)
Summary IBM Master Data Management v11.6, v12.0, and v14.0 are vulnerable to a denial of service caused by not limiting the number of requests processed in the file upload function in Apache Commons FileUpload. Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by...
Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7
Summary cURL libcurl, Apache Xerces2 Java, Apache Jena, Spring Framework, json-smart-v1 and json-smart-v2, libxml2, Apache Standard Taglibs, Apache ActiveMQ, Apache Commons Codec are identified as vulnerable components with multiple reported vulnerabilities, CVE-2022-35260, CVE-2022-42915,...
Security Bulletin: Apache Commons Configuration Vulnerability Affects IBM Jazz Reporting Service
Summary There is a vulnerability in Apache Commons used by IBM Jazz Reporting Service. This vulnerability has been addressed. CVE-2024-29131, CVE-2024-29133 Vulnerability Details CVEID:CVE-2024-29131 DESCRIPTION: Apache Commons Configuration could allow a remote attacker to execute arbitrary code...
Fedora: Security Advisory (FEDORA-2024-5d581b2365)
The remote host is missing an update for the...
Oracle Application Testing Suite (October 2024 CPU)
The versions of Oracle Application Testing Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps...
[SECURITY] Fedora 39 Update: apache-commons-io-2.11.0-5.fc39
Commons-IO contains utility classes, stream implementations, file filters, and endian classes. It is a library of utilities to assist with developing IO functionality...
Fedora 39 : apache-commons-io (2024-5d581b2365)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-5d581b2365 advisory. Fixes possible denial of service attack on untrusted input. Tenable has extracted the preceding description block directly from the Fedora security advisory...
Security Bulletin: The IBM® Engineering Lifecycle Management is impacted by vulnerabilities in Apache Commons Collections
Summary Multiple vulnerabilities have been identified in Apache Commons Collections, which is used in IBM Engineering Lifecycle Management - IBM Jazz. This bulletin contains information regarding vulnerabilities and remediation actions. Vulnerability Details CVEID:CVE-2017-15708 DESCRIPTION: Apac...
Atlassian Confluence 6.0 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-97794)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-97794 advisory. - Out-of-bounds Write vulnerability in Apache Commons Configuration. This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users a...
SUSE: Security Advisory (SUSE-SU-2024:3596-1)
The remote host is missing an update for the...
SUSE SLES12 Security Update : apache-commons-io (SUSE-SU-2024:3596-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:3596-1 advisory. Upgrade to 2.17.0: - CVE-2024-47554: Fixed untrusted input to XmlStreamReader can lead to uncontrolled resource consumption bsc1231298 Other...
Security update for apache-commons-io
This update for apache-commons-io fixes the following issues: Upgrade to 2.17.0: CVE-2024-47554: Fixed untrusted input to XmlStreamReader can lead to uncontrolled resource consumption bsc1231298 Other changes: - https://commons.apache.org/proper/commons-io/changes-report.html#a2.17.0 Patch...
SUSE-SU-2024:3596-1 Security update for apache-commons-io
This update for apache-commons-io fixes the following issues: Upgrade to 2.17.0: - CVE-2024-47554: Fixed untrusted input to XmlStreamReader can lead to uncontrolled resource consumption bsc1231298 Other changes: - https://commons.apache.org/proper/commons-io/changes-report.html#a2.17.0...