Lucene search

CVE-2021-29425 Possible limited path traversal vulnerabily in Apache Commons IO

🗓️ 13 Apr 2021 06:12:50Reported by apacheType

Apache Commons IO possible path traversal vulnerability in FileNameUtils.normalize metho

Reporter	Title	Published	Views	Family All 141
Tenable Nessus	Debian DLA-2741-1 : commons-io - LTS security update	19 Aug 202100:00	–	nessus
Tenable Nessus	Amazon Linux 2 : apache-commons-io (ALAS-2023-2059)	5 Jun 202300:00	–	nessus
Tenable Nessus	openSUSE Security Update : apache-commons-io (openSUSE-2021-605)	18 May 202100:00	–	nessus
Tenable Nessus	Ubuntu 18.04 LTS / 20.04 LTS : Apache Commons IO vulnerability (USN-5095-1)	30 Sep 202100:00	–	nessus
Tenable Nessus	RHEL 7 : apache-commons-io (Unpatched Vulnerability)	11 May 202400:00	–	nessus
Tenable Nessus	Oracle WebCenter Sites (Jul 2023 CPU)	21 Jul 202300:00	–	nessus
Tenable Nessus	Oracle Primavera Gateway (Oct 2021 CPU)	21 Oct 202100:00	–	nessus
Tenable Nessus	RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 6 (Important) (RHSA-2021:3466)	15 Sep 202200:00	–	nessus
Tenable Nessus	Oracle MySQL Enterprise Monitor (Oct 2021 CPU)	20 Oct 202100:00	–	nessus
Tenable Nessus	RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 8 (Important) (RHSA-2021:3468)	15 Sep 202200:00	–	nessus

[
  {
    "product": "Apache Commons IO",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "Apache Commons IO 2.2"
      },
      {
        "status": "affected",
        "version": "Apache Commons IO 2.3"
      },
      {
        "status": "affected",
        "version": "Apache Commons IO 2.4"
      },
      {
        "status": "affected",
        "version": "Apache Commons IO 2.5"
      },
      {
        "status": "affected",
        "version": "Apache Commons IO 2.6"
      }
    ]
  }
]

Source	Link
security	www.security.netapp.com/advisory/ntap-20220210-0004/
lists	www.lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346%40%3Cnotifications.zookeeper.apache.org%3E
lists	www.lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b%40%3Cissues.zookeeper.apache.org%3E
oracle	www.oracle.com/security-alerts/cpuoct2021.html
lists	www.lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34%40%3Cdev.myfaces.apache.org%3E
lists	www.lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa%40%3Cuser.commons.apache.org%3E
lists	www.lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0%40%3Cpluto-dev.portals.apache.org%3E
lists	www.lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e%40%3Cpluto-scm.portals.apache.org%3E
lists	www.lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae%40%3Cnotifications.zookeeper.apache.org%3E
oracle	www.oracle.com/security-alerts/cpujan2022.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Apr 2021 06:50Current

6.7Medium risk

Vulners AI Score6.7

EPSS0.00189

CWE-20