Lucene search
K

46 matches found

Debian CVE
Debian CVE
added 2025/03/23 2:15 p.m.10 views

CVE-2025-30474

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...

5CVSS7.3AI score0.00776EPSS
Exploits0
CVE
CVE
added 2025/03/23 2:15 p.m.115 views

CVE-2025-30474

CVE-2025-30474 is corroborated by IBM Content Collector for SAP security bulletin: exposure of sensitive information via error messages in Apache Commons VFS (FtpFileObject may reveal the original URI, potentially containing a password). Impact is limited to affected versions (Apache Commons VFS ...

5CVSS7.1AI score0.00776EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/03/23 2:15 p.m.28 views

CVE-2025-30474 Apache Commons VFS: Failing to find an FTP file can reveal the URI's password in an error message

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...

0.00776EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/01 12:0 a.m.4 views

PT-2025-12535

Name of the Vulnerable Software and Affected Versions: Apache Commons VFS versions prior to 2.10.0 Description: The FileObject API in Commons VFS has a resolveFile method that takes a scope parameter. Specifying NameScope.DESCENDENT promises that an exception is thrown if the resolved file is not...

7.8CVSS6.8AI score0.01277EPSS
Exploits0References46
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.18 views

Fedora: Security Advisory for apache-commons-vfs (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02578EPSS
Exploits3References2
Fedora
Fedora
added 2024/03/07 10:32 p.m.28 views

[SECURITY] Fedora 40 Update: apache-commons-vfs-2.9.0-5.fc40

Commons VFS provides a single API for accessing various file systems. It presents a uniform view of the files from various sources, such as the files on local disk, on an HTTP server, or inside a Zip archive. Some of the features of Commons VFS are: A single consistent API for accessing files of...

8.8CVSS6.7AI score0.02578EPSS
Exploits3
Rows per page
Query Builder