Security Bulletin: Vulnerability in Perl affects IBM watsonx.data

Summary For CVE-2020-10878, if a user submits a specially-crafted regular expression and it is used in a regex by watsonx.data, this may cause an instruction injection. Currently, IBM watsonx.data is not vulnerable to the vulnerabilities described in CVE-2020-10543, CVE-2020-12723 and...

RHEL 6 : ant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - apache-commons-compress: denial of service flaw when compressing certain files CVE-2012-2098 Note that Nessus has n...

GHSA-CGWF-W82Q-5JRR Apache Commons Compress denial of service vulnerability

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...

Input validation

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...

Security Bulletin: Vulnerability found in ant-1.8.2.jar which is shipped with IBM® Intelligent Operations Center(CVE-2021-36373, CVE-2020-11979, CVE-2021-36374, CVE-2012-2098, CVE-2020-1945)

Summary Multiple vulnerabilities have been identified in ant-1.8.2.jar which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: Vulnerability in ant-1.8.1.jar affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)

Summary The ant-1.8.1.jar package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2012-2098, CVE-2020-11979, CVE-2021-36374, CVE-2021-36373, CVE-2020-1945. Vulnerability Details CVEID:CVE-2012-2098 DESCRIPTION: Apache Commons...

Security Bulletin: Multiple vulnerabilities in Apache Ant affect IBM InfoSphere Information Server

Summary Multiple vulnerabilities in Apache Ant used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2021-36373 DESCRIPTION: Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By...

0x.plugin.bom:zero-x-plugin-bom (>=0.0.10 <=1.1.0), RPD:bmc-rpd (=1.1) +37888 more potentially affected by CVE-2012-2098 via org.apache.commons:commons-compress (>=1.0 <=1.4)

org.apache.commons:commons-compress MAVEN version =1.0, =0.0.10, =0.0.4, =0.1.0-alpha.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =0.3.5, =1.2.8 and more Source cves: CVE-2012-2098 Source advisory: OSV:GHSA-6FXM-66HQ-FC96...

Mageia: Security Advisory (MGASA-2014-0056)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A vulnerability in Apache Ant affects IBM InfoSphere Information Server

Summary A vulnerability in Apache Ant was addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2012-2098 DESCRIPTION: Apache Commons Compress and Apache Ant are vulnerable to a denial of service, caused by an error when using bzip2 compression to compress files. By...

Updated plexus-archiver package fixes security vulnerability

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service CPU consumption via a file with many repeating inputs CVE-2012-2098. plexus-archiver...

Fedora Update for plexus-archiver FEDORA-2013-5548

Check for the Version of plexus-archiver OpenVAS Vulnerability Test Fedora Update for plexus-archiver FEDORA-2013-5548 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

Fedora Update for plexus-archiver FEDORA-2013-5546

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 19 : plexus-archiver-2.3-1.fc19 (2013-5530)

Rebase to upstream version and add patch to fix CVE-2012-2098. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 18 : plexus-archiver-2.3-1.fc18 (2013-5548)

Rebase to upstream version 2.3 and add patch to fix CVE-2012-2098. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 17 : plexus-archiver-2.3-1.fc17 (2013-5546)

Rebase to upstream version 2.3 and add patch to fix CVE-2012-2098. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora Update for apache-commons-compress FEDORA-2012-8428

Check for the Version of apache-commons-compress OpenVAS Vulnerability Test Fedora Update for apache-commons-compress FEDORA-2012-8428 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute ...

Fedora Update for apache-commons-compress FEDORA-2012-8428

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2012-2098

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service CPU consumption via a file with many repeating inputs...

CVE-2012-2098

CVE-2012-2098 affects Apache Commons Compress (BZip2CompressorOutputStream). The vulnerability is an algorithmic complexity in the sorting routines used by the bzip2 stream, allowing an attacker to cause CPU exhaustion (DoS) by feeding input with many repeating patterns. Affected product: Apache ...