suse-ru-2025:1150-1
Vulnerability from csaf_suse
Published
2025-04-07 07:47
Modified
2025-04-07 07:47
Summary
Recommended update for apache-commons-io
Notes
Title of the patch
Recommended update for apache-commons-io
Description of the patch
This update for apache-commons-io fixes the following issues:
apache-commons-io was updated from version 2.15.1 to 2.18.0:
- Key changes across versions:
* Cleaner code and updated dependencies
* Improved security when handling serialized data with the new safe deserialization feature
* New features for advanced file and stream operations
* Various bugs were fixed to improve reliability with fewer crashes and unexpected errors
* For the full list of changes please consult the packaged RELEASE-NOTES.txt
- Already fixed in previous version:
* CVE-2024-47554: Untrusted input to XmlStreamReader can lead to uncontrolled resource consumption (bsc#1231298)
Patchnames
SUSE-2025-1150,SUSE-SLE-Module-Basesystem-15-SP6-2025-1150,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1150,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1150,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1150,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1150,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1150,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1150,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1150,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1150,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1150,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1150,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1150,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1150,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1150,SUSE-Storage-7.1-2025-1150,openSUSE-SLE-15.6-2025-1150
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Recommended update for apache-commons-io", "title": "Title of the patch" }, { "category": "description", "text": "This update for apache-commons-io fixes the following issues:\n\napache-commons-io was updated from version 2.15.1 to 2.18.0:\n \n- Key changes across versions:\n * Cleaner code and updated dependencies\n * Improved security when handling serialized data with the new safe deserialization feature\n * New features for advanced file and stream operations\n * Various bugs were fixed to improve reliability with fewer crashes and unexpected errors\n * For the full list of changes please consult the packaged RELEASE-NOTES.txt\n \n- Already fixed in previous version:\n * CVE-2024-47554: Untrusted input to XmlStreamReader can lead to uncontrolled resource consumption (bsc#1231298)\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-2025-1150,SUSE-SLE-Module-Basesystem-15-SP6-2025-1150,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1150,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1150,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1150,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1150,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1150,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1150,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1150,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1150,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1150,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1150,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1150,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1150,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1150,SUSE-Storage-7.1-2025-1150,openSUSE-SLE-15.6-2025-1150", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2025_1150-1.json" }, { "category": "self", "summary": "URL for SUSE-RU-2025:1150-1", "url": "https://www.suse.com/support/update/announcement//suse-ru-20251150-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-RU-2025:1150-1", "url": "https://lists.suse.com/pipermail/sle-updates/2025-April/038917.html" }, { "category": "self", "summary": "SUSE Bug 1231298", "url": "https://bugzilla.suse.com/1231298" }, { "category": "self", "summary": "SUSE CVE CVE-2024-47554 page", "url": "https://www.suse.com/security/cve/CVE-2024-47554/" } ], "title": "Recommended update for apache-commons-io", "tracking": { "current_release_date": "2025-04-07T07:47:08Z", "generator": { "date": "2025-04-07T07:47:08Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-RU-2025:1150-1", "initial_release_date": "2025-04-07T07:47:08Z", "revision_history": [ { "date": "2025-04-07T07:47:08Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "product": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "product_id": "apache-commons-io-2.18.0-150200.3.15.1.noarch" } }, { "category": "product_version", "name": "apache-commons-io-javadoc-2.18.0-150200.3.15.1.noarch", "product": { "name": "apache-commons-io-javadoc-2.18.0-150200.3.15.1.noarch", "product_id": "apache-commons-io-javadoc-2.18.0-150200.3.15.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Module for Basesystem 15 SP6", "product": { "name": "SUSE Linux Enterprise Module for Basesystem 15 SP6", "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 15 SP3-LTSS", "product": { "name": "SUSE Linux Enterprise Server 15 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:15:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 15 SP4-LTSS", "product": { "name": "SUSE Linux Enterprise Server 15 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:15:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 15 SP5-LTSS", "product": { "name": "SUSE Linux Enterprise Server 15 SP5-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:15:sp5" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:15:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:15:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:15:sp5" } } }, { "category": "product_name", "name": "SUSE Manager Proxy 4.3", "product": { "name": "SUSE Manager Proxy 4.3", "product_id": "SUSE Manager Proxy 4.3", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-proxy:4.3" } } }, { "category": "product_name", "name": "SUSE Manager Server 4.3", "product": { "name": "SUSE Manager Server 4.3", "product_id": "SUSE Manager Server 4.3", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-server:4.3" } } }, { "category": "product_name", "name": "SUSE Enterprise Storage 7.1", "product": { "name": "SUSE Enterprise Storage 7.1", "product_id": "SUSE Enterprise Storage 7.1", "product_identification_helper": { "cpe": "cpe:/o:suse:ses:7.1" } } }, { "category": "product_name", "name": "openSUSE Leap 15.6", "product": { "name": "openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6", "product_identification_helper": { "cpe": "cpe:/o:opensuse:leap:15.6" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Manager Proxy 4.3", "product_id": "SUSE Manager Proxy 4.3:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Manager Proxy 4.3" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Manager Server 4.3", "product_id": "SUSE Manager Server 4.3:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Manager Server 4.3" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of SUSE Enterprise Storage 7.1", "product_id": "SUSE Enterprise Storage 7.1:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "SUSE Enterprise Storage 7.1" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-2.18.0-150200.3.15.1.noarch as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:apache-commons-io-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "openSUSE Leap 15.6" }, { "category": "default_component_of", "full_product_name": { "name": "apache-commons-io-javadoc-2.18.0-150200.3.15.1.noarch as component of openSUSE Leap 15.6", "product_id": "openSUSE Leap 15.6:apache-commons-io-javadoc-2.18.0-150200.3.15.1.noarch" }, "product_reference": "apache-commons-io-javadoc-2.18.0-150200.3.15.1.noarch", "relates_to_product_reference": "openSUSE Leap 15.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-47554", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2024-47554" } ], "notes": [ { "category": "general", "text": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 7.1:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server 15 SP5-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP5:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Manager Proxy 4.3:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Manager Server 4.3:apache-commons-io-2.18.0-150200.3.15.1.noarch", "openSUSE Leap 15.6:apache-commons-io-2.18.0-150200.3.15.1.noarch", "openSUSE Leap 15.6:apache-commons-io-javadoc-2.18.0-150200.3.15.1.noarch" ] }, "references": [ { "category": "external", "summary": "CVE-2024-47554", "url": "https://www.suse.com/security/cve/CVE-2024-47554" }, { "category": "external", "summary": "SUSE Bug 1231298 for CVE-2024-47554", "url": "https://bugzilla.suse.com/1231298" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 7.1:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server 15 SP5-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP5:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Manager Proxy 4.3:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Manager Server 4.3:apache-commons-io-2.18.0-150200.3.15.1.noarch", "openSUSE Leap 15.6:apache-commons-io-2.18.0-150200.3.15.1.noarch", "openSUSE Leap 15.6:apache-commons-io-javadoc-2.18.0-150200.3.15.1.noarch" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "SUSE Enterprise Storage 7.1:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server 15 SP5-LTSS:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP5:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Manager Proxy 4.3:apache-commons-io-2.18.0-150200.3.15.1.noarch", "SUSE Manager Server 4.3:apache-commons-io-2.18.0-150200.3.15.1.noarch", "openSUSE Leap 15.6:apache-commons-io-2.18.0-150200.3.15.1.noarch", "openSUSE Leap 15.6:apache-commons-io-javadoc-2.18.0-150200.3.15.1.noarch" ] } ], "threats": [ { "category": "impact", "date": "2025-04-07T07:47:08Z", "details": "moderate" } ], "title": "CVE-2024-47554" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…