- What: Apache Commons IO vulnerability causing denial of service
- Impact: Systems using Apache Commons IO may crash under certain conditions
USN-8191-1: Apache Commons IO vulnerability

Publication date: 21 April 2026

Overview

Apache Commons IO could be made to crash if it received specially crafted input.

Releases

- 24.04 LTS
- 22.04 LTS
- 20.04 LTS
- 18.04 LTS
- 16.04 LTS
- 14.04 LTS

Packages

- commons-io - library of utilities to assist with developing IO functionality

Details

It was discovered that Apache Commons IO's XmlStreamReader class could excessively consume CPU resources under certain circumstances. An attacker could possibly use this issue to cause Apache Commons IO to crash, resulting in a denial of service.

Update instructions

In general, a standard system update will make all the necessary changes. The problem can be corrected by updating your system to the following package versions:

| Ubuntu Release | Package | Version | Availability |
|---|---|---|---|
| 24.04 LTS noble | libcommons-io-java | 2.11.0-2ubuntu0.24.04.1~esm1 | Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. |
| 22.04 LTS jammy | libcommons-io-java | 2.11.0-2ubuntu0.22.04.1~esm1 | Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. |
| 20.04 LTS focal | libcommons-io-java | 2.6-2ubuntu0.20.04.1+esm1 | Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. |
| 18.04 LTS bionic | libcommons-io-java | 2.6-2ubuntu0.18.04.1+esm1 | Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. |
| 16.04 LTS xenial | libcommons-io-java | 2.4-2ubuntu0.16.04.1~esm1 | Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. |
| 14.04 LTS trusty | libcommons-io-java | 2.4-2ubuntu0.1~esm2 | Fix available with Ubuntu Pro via Legacy Support add-on. |

References

- CVE-2024-47554
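
To check a host against the fixed versions listed in the update instructions, the following added example (not part of the original notice) implements Debian's package version ordering in Python and compares an installed `libcommons-io-java` version with the fixed version for a release. The function names are this example's own, and any installed version you pass in for testing is a constructed input.

```python
DIGITS = "0123456789"
# Added example. Fixed versions copied from this notice, keyed by release codename.
FIXED = {
    "noble": "2.11.0-2ubuntu0.24.04.1~esm1", "jammy": "2.11.0-2ubuntu0.22.04.1~esm1",
    "focal": "2.6-2ubuntu0.20.04.1+esm1", "bionic": "2.6-2ubuntu0.18.04.1+esm1",
    "xenial": "2.4-2ubuntu0.16.04.1~esm1", "trusty": "2.4-2ubuntu0.1~esm2",
}

def _weight(s, k):
    """Sort weight at s[k]: '~' lowest, end of string or digit 0, letters, then symbols."""
    if k >= len(s) or s[k] in DIGITS:
        return 0
    if s[k] == "~":
        return -1
    return ord(s[k]) if s[k].isalpha() else ord(s[k]) + 256

def _cmp_part(a, b):
    """Compare two upstream or revision strings; returns -1, 0 or 1."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit run, compared character by character using the weights above.
        while _weight(a, i) or _weight(b, j):
            wa, wb = _weight(a, i), _weight(b, j)
            if wa != wb:
                return -1 if wa < wb else 1
            i, j = i + 1, j + 1
        # Digit run, compared numerically (an empty run counts as 0).
        si, sj = i, j
        while i < len(a) and a[i] in DIGITS:
            i += 1
        while j < len(b) and b[j] in DIGITS:
            j += 1
        na, nb = int(a[si:i] or 0), int(b[sj:j] or 0)
        if na != nb:
            return -1 if na < nb else 1
    return 0

def _split(v):
    """Split '[epoch:]upstream[-revision]' into (epoch, upstream, revision)."""
    head, sep, tail = v.partition(":")
    epoch, rest = (int(head), tail) if sep else (0, v)
    up, sep, rev = rest.rpartition("-")
    return (epoch, up, rev) if sep else (epoch, rest, "")

def compare(v1, v2):
    """Debian ordering: epoch first, then upstream version, then revision."""
    (e1, u1, r1), (e2, u2, r2) = _split(v1), _split(v2)
    return (e1 > e2) - (e1 < e2) or _cmp_part(u1, u2) or _cmp_part(r1, r2)

def is_patched(codename, installed):
    """True if the installed version is at or above the fixed version for that release."""
    return compare(installed, FIXED[codename]) >= 0
```

On a host, the installed version string can be read with `dpkg-query -W -f='${Version}' libcommons-io-java` and passed to `is_patched` together with the release codename.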