Commons Io Apache Commons Io

Do you want an email whenever new security vulnerabilities are reported in Apache Commons Io?

By the Year

In 2022 there have been 0 vulnerabilities in Apache Commons Io . Last year Commons Io had 1 security vulnerability published. Right now, Commons Io is on track to have less security vulnerabilities in 2022 than it did last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 1 4.80
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Commons Io vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Apache Commons Io Security Vulnerabilities

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//

CVE-2021-29425 4.8 - Medium - April 13, 2021

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.

Directory traversal

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Oracle Rest Data Services or by Apache? Click the Watch button to subscribe.

Apache
Vendor

subscribe