CVE-2024-25710 Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0, which fixes the issue...
CVE-2024-25710
CVE-2024-25710 describes a Loop with Unreachable Exit Condition (Infinite Loop) in Apache Commons Compress, affecting versions 1.3 through 1.25.0. The issue is identified as a vulnerability in the compression library, with impact details indicating high severity in some advisories and a 5.5–8.1 C...
CVE-2024-25710
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0, which fixes the issue...
CVE-2024-26308
CVE-2024-26308 affects Apache Commons Compress: Allocation of Resources Without Limits or Throttling. The IBM bulletin lists the vulnerability as present in Apache Commons Compress 1.21 through 1.25.x and fixes it in 1.26. Impact is resource exhaustion/denial of service with a base score of 5.5 (...
CVE-2024-26308
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue...
CVE-2024-26308 Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue...
Apache Commons Compress Security Vulnerability
Apache Commons Compress is a library from the Apache Foundation (United States) for processing compressed files. A security vulnerability exists in Apache Commons Compress versions 1.21 up to, but not including, 1.26, which stems from unrestricted resource allocation...
Apache Commons Compress Security Vulnerability
Apache Commons Compress is a library from the Apache Foundation (United States) for processing compressed files. A security vulnerability exists in Apache Commons Compress versions 1.3 through 1.25.0, which stems from an infinite loop...
PT-2024-2730 · Atlassian +3 · Confluence Data Center/Server +6
Name of the Vulnerable Software and Affected Versions: Apache Commons Compress versions 1.3 through 1.25.0; Bamboo Data Center and Server versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0; Confluence Data Center and Server version 7.14. Description: The issue is related to a Loop with Unreachabl...
Security Bulletin: A vulnerability in Apache Commons FileUpload affects IBM Tivoli Application Dependency Discovery Manager.
Summary: Vulnerability in Apache Commons FileUpload affects IBM Tivoli Application Dependency Discovery Manager (CVE-2023-24998). Vulnerability Details: CVEID: CVE-2023-24998. DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limiting the number of...
Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Apache Commons FileUpload
Summary: This security bulletin addresses the vulnerability in IBM WebSphere Application Server Liberty, which is vulnerable to a denial of service due to Apache Commons FileUpload (CVE-2023-24998). Vulnerability Details: CVEID: CVE-2023-24998. DESCRIPTION: Apache Commons FileUpload and Tomcat are...
apache-commons-text: variable interpolation RCE
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Exploit for Code Injection in Apache Commons_Text
Install maven - maven-linux https://www.digitalocean.com/c...
RHCOS 4 : OpenShift Container Platform 4.9.59 (RHSA-2023:1524)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1524 advisory. - apache-commons-text: variable interpolation RCE (CVE-2022-42889). Note that Nessus has not tested for this issue but has instead relied only o...