Lucene search
+L

7 matches found

RedHat Linux
RedHat Linux
added 2022/03/29 1:16 p.m.4 views

apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path traversal,...

5.8CVSS6.9AI score0.10608EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/03/29 1:0 p.m.24 views

apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path traversal,...

5.8CVSS6.9AI score0.10608EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/12/14 9:31 p.m.5 views

apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path traversal,...

5.8CVSS6.9AI score0.10608EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/09/14 12:37 p.m.10 views

apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path traversal,...

5.8CVSS6.9AI score0.10608EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/09/08 1:32 p.m.5 views

apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path traversal,...

5.8CVSS6.9AI score0.10608EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/07/07 6:29 a.m.5 views

apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path traversal,...

5.8CVSS6.9AI score0.10608EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2021/04/13 12:0 a.m.6 views

PT-2021-2689

Name of the Vulnerable Software and Affected Versions Apache Commons IO versions prior to 2.7 Description The issue is related to the FileNameUtils.normalize method in Apache Commons IO, which incorrectly handles directory traversal sequences such as "//../foo" or "..foo". This could allow a remo...

5.8CVSS6.8AI score0.10608EPSS
Exploits1References134
Rows per page
Query Builder