46 matches found
CVE-2025-30474
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...
CVE-2025-30474
CVE-2025-30474 is corroborated by IBM Content Collector for SAP security bulletin: exposure of sensitive information via error messages in Apache Commons VFS (FtpFileObject may reveal the original URI, potentially containing a password). Impact is limited to affected versions (Apache Commons VFS ...
CVE-2025-30474 Apache Commons VFS: Failing to find an FTP file can reveal the URI's password in an error message
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...
PT-2025-12535
Name of the Vulnerable Software and Affected Versions: Apache Commons VFS versions prior to 2.10.0 Description: The FileObject API in Commons VFS has a resolveFile method that takes a scope parameter. Specifying NameScope.DESCENDENT promises that an exception is thrown if the resolved file is not...
Fedora: Security Advisory for apache-commons-vfs (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: apache-commons-vfs-2.9.0-5.fc40
Commons VFS provides a single API for accessing various file systems. It presents a uniform view of the files from various sources, such as the files on local disk, on an HTTP server, or inside a Zip archive. Some of the features of Commons VFS are: A single consistent API for accessing files of...