2994 matches found
Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to a denial of service due to Apache Commons Compress (CVE-2024-25710, CVE-2024-26308)
Summary Apache Commons Compress is shipped with IBM Tivoli Netcool Impact as part of it's server communication infrastructure. Information about security vulnerabilities affecting Apache Commons Compress has been published in a security bulletin. Vulnerability Details CVEID:CVE-2024-25710...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.2.11 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...
Fedora: Security Advisory (FEDORA-2024-fa7b758114)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-c673517dce)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Cloud Pak for Network Automation 2.7.1 addresses multiple existing security vulnerabilities
Summary IBM Cloud Pak for Network Automation 2.7.1 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-24680 DESCRIPTION: Django is vulnerable to a denial of service,...
Oracle Enterprise Manager Agent (January 2023 CPU)
The 13.4.0.0 and 13.5.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by a vulnerability as referenced in the January 2023 CPU advisory. - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Management...
The vulnerability of the ListDelimiterHandler.flatten function in the Apache Commons Configuration library allows a attacker to execute arbitrary code.
The vulnerability of the ListDelimiterHandler.flatten function in the Apache Commons Configuration library is related to memory buffer overflows. Exploitation of this vulnerability could allow an attacker to execute arbitrary code using specially created data...
The vulnerability of the AbstractListDelimiterHandler.flattenIterator() function in the Apache Commons Configuration library allows a hacker to execute arbitrary code.
The vulnerability of the AbstractListDelimiterHandler.flattenIterator function in the Apache Commons Configuration library is related to memory overflow beyond buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially created data...
Fedora 39 : apache-commons-configuration (2024-fa7b758114)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-fa7b758114 advisory. This update contains security fixes for CVE-2024-29131 and CVE-2024-29133. See...
[SECURITY] Fedora 40 Update: apache-commons-configuration-2.10.1-1.fc40
The Commons Configuration software library provides a generic configuration interface which enables a Java application to read configuration data from a variety of sources. Commons Configuration provides typed access to single, and multi-valued configuration parameters as demonstrated by the...
Security Bulletin: IBM Automation Decision Services - March 2024 - CVE-2024-26308, CVE-2024-25710
Summary IBM Automation Decision Services is vulnerable to denial of service attacks in third party and open source used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress...
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
A loop with an unreachable exit condition Infinite Loop vulnerability was found in Apache Common Compress. This issue can lead to a denial of service...
Apache Commons Configuration Out-of-Bounds Write Vulnerability (CNVD-2024-16109)
Apache Commons Configuration is the United States Apache Apache Foundation , a common configuration interface , it is mainly used to enable Java applications to read configuration data from a variety of sources . An out-of-bounds write vulnerability exists in Apache Commons Configuration versions...
Apache Commons Configuration Out-of-Bounds Write Vulnerability
Apache Commons Configuration is the United States Apache Apache Foundation , a common configuration interface , it is mainly used to enable Java applications to read configuration data from a variety of sources . An out-of-bounds write vulnerability exists in Apache Commons Configuration versions...
Out-of-Bounds Write
Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper iterator handling within the AbstractListDelimiterHandler.flattenIterator method, which can result in Denial of Service if crafted input is passed to the method...
Out-of-Bounds Write
Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper handling of a cyclical object tree, which can trigger a StackOverflowError when the ListDelimiterHandler.flatten method is called. This occurs because the method recursively traverses the objec...
SUSE CVE-2024-29131
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue...
SUSE CVE-2024-29133
Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue...
CVE-2024-29131
A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error can occur when adding a property in AbstractListDelimiterHandler.flattenIterator. This issue could allow an attacker to corrupt memory or execute a denial of service attack by crafting malicious property that...
CVE-2024-29133
A vulnerability was found in Apache Commons-Configuration2, where a Stack Overflow Error occurs when calling ListDelimiterHandler.flattenObject, int with a cyclical object tree. This issue could allow an attacker to trigger an out-of-bounds write that could lead to memory corruption or cause a...