rpm package
suse/apache-commons-lang3&distro=SUSE Linux Enterprise Module for Basesystem 15 SP6
pkg:rpm/suse/apache-commons-lang3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-48924 | — | < 3.18.0-150200.3.12.1 | 3.18.0-150200.3.12.1 | Jul 11, 2025 | Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(...) can throw StackOverflowErr | ||
| CVE-2022-34169 | — | < 3.16.0-150200.3.9.2 | 3.16.0-150200.3.9.2 | Jul 19, 2022 | The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t |
- CVE-2025-48924Jul 11, 2025affected < 3.18.0-150200.3.12.1fixed 3.18.0-150200.3.12.1
Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(...) can throw StackOverflowErr
- CVE-2022-34169Jul 19, 2022affected < 3.16.0-150200.3.9.2fixed 3.16.0-150200.3.9.2
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t