8 matches found
EUVD-2025-7320
Malicious code in bioql PyPI...
The vulnerability of the FtpFileObject class, a common API for accessing various file systems through Apache Commons VFS, allows attackers to gain unauthorized access to protected information.
The vulnerability of the FtpFileObject class, a common API for accessing various file systems via Apache Commons VFS, is related to insufficient protection of service data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
Sensitive Information Exposure
org.apache.commons, commons-vfs2 is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper handling of exception messages, where the FtpFileObject class exposes the original URI, including sensitive information like passwords, when a file is not found. It allows an...
CVE-2025-30474
A flaw was found in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password...
GHSA-3936-3GX6-49C4 Apache Commons VFS Exposure of Sensitive Information to an Unauthorized Actor
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...
Apache Commons VFS Exposure of Sensitive Information to an Unauthorized Actor
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...
CVE-2025-30474
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...
CVE-2025-30474
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...