SUSE: CVE-2024-26308: SUSE Linux Security Advisory
5
(AV:L/AC:M/Au:N/C:N/I:N/A:C)
02/19/2024
03/02/2024
03/01/2024
01/28/2025
Description
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.
Solution(s)
- suse-upgrade-apache-commons-codec
- suse-upgrade-apache-commons-codec-javadoc
- suse-upgrade-apache-commons-compress
- suse-upgrade-apache-commons-compress-javadoc
- suse-upgrade-apache-commons-configuration2
- suse-upgrade-apache-commons-configuration2-javadoc
- suse-upgrade-apache-commons-io
- suse-upgrade-apache-commons-io-javadoc
- suse-upgrade-gradle-local
- suse-upgrade-ivy-local
- suse-upgrade-maven
- suse-upgrade-maven-assembly-plugin
- suse-upgrade-maven-assembly-plugin-javadoc
- suse-upgrade-maven-doxia-core
- suse-upgrade-maven-doxia-javadoc
- suse-upgrade-maven-doxia-logging-api
- suse-upgrade-maven-doxia-module-apt
- suse-upgrade-maven-doxia-module-confluence
- suse-upgrade-maven-doxia-module-docbook-simple
- suse-upgrade-maven-doxia-module-fml
- suse-upgrade-maven-doxia-module-fo
- suse-upgrade-maven-doxia-module-latex
- suse-upgrade-maven-doxia-module-rtf
- suse-upgrade-maven-doxia-module-twiki
- suse-upgrade-maven-doxia-module-xdoc
- suse-upgrade-maven-doxia-module-xhtml
- suse-upgrade-maven-doxia-module-xhtml5
- suse-upgrade-maven-doxia-sink-api
- suse-upgrade-maven-doxia-sitetools
- suse-upgrade-maven-doxia-sitetools-javadoc
- suse-upgrade-maven-doxia-test-docs
- suse-upgrade-maven-jar-plugin
- suse-upgrade-maven-jar-plugin-bootstrap
- suse-upgrade-maven-jar-plugin-javadoc
- suse-upgrade-maven-javadoc
- suse-upgrade-maven-javadoc-plugin
- suse-upgrade-maven-javadoc-plugin-bootstrap
- suse-upgrade-maven-javadoc-plugin-javadoc
- suse-upgrade-maven-lib
- suse-upgrade-maven-local
- suse-upgrade-maven-reporting-api
- suse-upgrade-maven-reporting-api-javadoc
- suse-upgrade-maven-reporting-impl
- suse-upgrade-maven-reporting-impl-javadoc
- suse-upgrade-maven-resolver
- suse-upgrade-maven-resolver-api
- suse-upgrade-maven-resolver-connector-basic
- suse-upgrade-maven-resolver-impl
- suse-upgrade-maven-resolver-javadoc
- suse-upgrade-maven-resolver-named-locks
- suse-upgrade-maven-resolver-spi
- suse-upgrade-maven-resolver-test-util
- suse-upgrade-maven-resolver-transport-classpath
- suse-upgrade-maven-resolver-transport-file
- suse-upgrade-maven-resolver-transport-http
- suse-upgrade-maven-resolver-transport-wagon
- suse-upgrade-maven-resolver-util
- suse-upgrade-maven-resources-plugin
- suse-upgrade-maven-resources-plugin-bootstrap
- suse-upgrade-maven-resources-plugin-javadoc
- suse-upgrade-sbt
- suse-upgrade-sbt-bootstrap
- suse-upgrade-xmvn
- suse-upgrade-xmvn-api
- suse-upgrade-xmvn-connector
- suse-upgrade-xmvn-connector-javadoc
- suse-upgrade-xmvn-core
- suse-upgrade-xmvn-install
- suse-upgrade-xmvn-minimal
- suse-upgrade-xmvn-mojo
- suse-upgrade-xmvn-mojo-javadoc
- suse-upgrade-xmvn-parent
- suse-upgrade-xmvn-resolve
- suse-upgrade-xmvn-subst
- suse-upgrade-xmvn-tools-javadoc
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center