CVE-2024-47554

Published Oct 3, 2024

Last updated a month ago

CVSS medium 4.3

Overview

Description
Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
Source
security@apache.org
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
4.3
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Severity
MEDIUM

Weaknesses

security@apache.org
CWE-400

Social media

Hype score
Not currently trending

  1. #IBMi #ITSecurirt : Multiple vulnerabilities in IBM Rational Developer for i (CVE-2024-47554, CVE-2024-45801) https://t.co/JiU3Q9z7TW

    @GAILLOTPatrice

    10 Dec 2024

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References