{"affected":[{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP6","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP3-LTSS","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP4-LTSS","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP5-LTSS","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP3","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP4","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP5","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy 4.3","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Manager%20Proxy%204.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Manager Server 4.3","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Manager%20Server%204.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7.1","name":"apache-commons-io","purl":"pkg:rpm/suse/apache-commons-io&distro=SUSE%20Enterprise%20Storage%207.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache-commons-io":"2.18.0-150200.3.15.1","apache-commons-io-javadoc":"2.18.0-150200.3.15.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"apache-commons-io","purl":"pkg:rpm/opensuse/apache-commons-io&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.0-150200.3.15.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for apache-commons-io fixes the following issues:\n\napache-commons-io was updated from version 2.15.1 to 2.18.0:\n    \n- Key changes across versions:\n  * Cleaner code and updated dependencies\n  * Improved security when handling serialized data with the new safe deserialization feature\n  * New features for advanced file and stream operations\n  * Various bugs were fixed to improve reliability with fewer crashes and unexpected errors\n  * For the full list of changes please consult the packaged RELEASE-NOTES.txt\n    \n- Already fixed in previous version:\n  * CVE-2024-47554: Untrusted input to XmlStreamReader can lead to uncontrolled resource consumption (bsc#1231298)\n","id":"SUSE-RU-2025:1150-1","modified":"2025-04-07T07:47:08Z","published":"2025-04-07T07:47:08Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2025-1150/suse-ru-20251150-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1231298"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-47554"}],"related":["CVE-2024-47554"],"summary":"Recommended update for apache-commons-io","upstream":["CVE-2024-47554"]}