USN-8191-1: Apache Commons IO vulnerability

Publication date: 21 April 2026
Overview: Apache Commons IO could be made to crash if it received specially crafted input.

Packages
commons-io - library of utilities to assist with developing IO functionality

Details
It was discovered that Apache Commons IO’s XmlStreamReader class
could excessively consume CPU resources under certain circumstances. An
attacker could possibly use this issue to cause Apache Commons IO
to crash, resulting in a denial of service.

Update instructions
In general, a standard system update will make all the necessary changes.
The problem can be corrected by updating your system to the following package versions:

  • 24.04 LTS noble libcommons-io-java – 2.11.0-2ubuntu0.24.04.1~esm1
  • 22.04 LTS jammy libcommons-io-java – 2.11.0-2ubuntu0.22.04.1~esm1
  • 20.04 LTS focal libcommons-io-java – 2.6-2ubuntu0.20.04.1+esm1
  • 18.04 LTS bionic libcommons-io-java – 2.6-2ubuntu0.18.04.1+esm1
  • 16.04 LTS xenial libcommons-io-java – 2.4-2ubuntu0.16.04.1~esm1
  • 14.04 LTS trusty libcommons-io-java – 2.4-2ubuntu0.1~esm2
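
An added example, not part of the advisory or of Canonical's tooling: a shell check that compares the installed libcommons-io-java version against the fixed version listed above for the host's release. The function names and status strings are made up for this example; it assumes `dpkg`, `dpkg-query` and `lsb_release` are available on the host.

```shell
#!/bin/sh
# Added example (not from the advisory): USN-8191-1 patch-level check.

# Fixed versions, copied from the advisory's list for each release.
fixed_version_for() {
    case "$1" in
        noble)  echo "2.11.0-2ubuntu0.24.04.1~esm1" ;;
        jammy)  echo "2.11.0-2ubuntu0.22.04.1~esm1" ;;
        focal)  echo "2.6-2ubuntu0.20.04.1+esm1" ;;
        bionic) echo "2.6-2ubuntu0.18.04.1+esm1" ;;
        xenial) echo "2.4-2ubuntu0.16.04.1~esm1" ;;
        trusty) echo "2.4-2ubuntu0.1~esm2" ;;
        *)      return 1 ;;
    esac
}

# usn_8191_status CODENAME INSTALLED_VERSION
# Prints one of: patched | needs-update | not-installed | unknown-release
# (hypothetical status strings chosen for this example).
usn_8191_status() {
    local codename installed fixed
    codename="$1"
    installed="$2"
    fixed="$(fixed_version_for "$codename")" || { echo "unknown-release"; return 0; }
    [ -n "$installed" ] || { echo "not-installed"; return 0; }
    # Debian version ordering, not string ordering: let dpkg decide.
    if dpkg --compare-versions "$installed" ge "$fixed"; then
        echo "patched"
    else
        echo "needs-update"
    fi
}

# Look up the local release and installed package version, then report.
check_host() {
    local codename installed
    codename="$(lsb_release -cs)"
    installed="$(dpkg-query -W -f='${Version}' libcommons-io-java 2>/dev/null || true)"
    echo "libcommons-io-java on $codename: $(usn_8191_status "$codename" "$installed")"
}

# Query the local host only when invoked as: sh thisfile.sh check
if [ "${1:-}" = "check" ]; then
    check_host
fi
```

The comparison goes through dpkg because Debian version ordering is not string ordering: `~` sorts before the end of the string, so `2.4-2ubuntu0.16.04.1` compares as newer than `2.4-2ubuntu0.16.04.1~esm1`.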