Important: javapackages-bootstrap

Issue Overview: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710 Affected Packages:...

Important: apache-commons-compress

Issue Overview: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710 Affected Packages:...

Apache Commons Configuration 缓冲区错误漏洞

Apache Commons Configuration is the United States Apache Apache Foundation , a common configuration interface , it is mainly used to enable Java applications to read configuration data from a variety of sources . An out-of-bounds write vulnerability exists in Apache Commons Configuration versions...

Important: javapackages-bootstrap

Issue Overview: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710 Affected Packages:...

Amazon Linux 2023 : apache-commons-compress, apache-commons-compress-javadoc (ALAS2023-2024-560)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-560 advisory. Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to...

Apache Commons Configuration 2.0.x < 2.10.1 Multiple Vulnerabilities

The Apache Commons Configuration library is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details CVEID:CVE-2024-21891 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by improper path traversal sequence sanitization. By using ...

Security Bulletin: Security vulnerabilities in Apache Commons Compress affects IBM License Metric Tool v9.

Summary There are vulnerabilities in Apache Commons Compress library that is used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop flaw. By persuading a victim to open a...

Important: apache-commons-compress

Issue Overview: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710 Affected Packages:...

Important: apache-commons-compress

Issue Overview: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue. CVE-2024-25710 Affected Packages:...

Amazon Linux 2 : apache-commons-compress (ALAS-2024-2493)

The version of apache-commons-compress installed on the remote host is prior to 1.5-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2493 advisory. Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons Compress.This issue affects Apac...

PT-2024-2437 · Atlassian +3 · Confluence +3

Name of the Vulnerable Software and Affected Versions: Apache Commons Configuration versions 2.0 through 2.10.0 Confluence Data Center and Server versions prior to 8.9.1 Confluence Data Center versions 8.8.0 through 8.8.1 Confluence Data Center versions 8.7.0 through 8.7.2 Confluence Data Center...

Security Bulletin: IBM Transformation Extender Advanced is vulnerable to multiple issues due to IBM WebSphere Application Server Liberty.

Summary IBM Transformation Extender Advanced, previously known as IBM Standards Processing Engine, uses IBM WebSphere Application Server Liberty. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons...

Security Bulletin: Vulnerabilities in Apache Commons Compress library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2024-26308, CVE-2024-25710)

Summary Apache Commons Compress library is used by Tivoli Netcool/OMNIbus WebGUI as part of Apache POI dependency for Seasonal Event Graphs export feature. Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of...

ROS-2-1185

2.1185 Directory traversal in Apache Commons IO CVE-2021-29425 1. Vulnerability Description: The vulnerability allows a remote attacker to perform directory traversal attacks. The vulnerability exists due to an input validation error in the FileNameUtils.normalize method when processing directory...

PT-2024-2438 · Apache +3 · Apache Commons Configuration +3

Name of the Vulnerable Software and Affected Versions: Apache Commons Configuration versions 2.0 through 2.10.0 Atlassian Confluence Data Center versions 7.17.0 through 8.9.0 Atlassian Confluence Server versions 7.17.0 through 8.5.8 Description: The issue is related to an out-of-bounds write...

ROS-2-1233

2.1233 Directory traversal in Apache Commons IO CVE-2021-29425 1. Vulnerability Description: The vulnerability allows a remote attacker to perform directory traversal attacks. The vulnerability exists due to an input validation error in the FileNameUtils.normalize method when processing directory...

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to denial of service due to Apache Commons FileUpload (CVE-2023-24998)

Summary IBM Sterling Partner Engagement Manager uses Apache Commons FileUpload. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by no...

Fedora: Security Advisory for apache-commons-jxpath (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for apache-commons-codec (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...