Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: apache-commons-io (UTSA-2026-016648)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016648 advisory. In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like //../foo, or ..\foo, the result would be the...

5.8CVSS6.8AI score0.10608EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/09/08 1:36 p.m.4 views

apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path traversal,...

5.8CVSS6.9AI score0.10608EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/09/08 1:5 p.m.3 views

apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path traversal,...

5.8CVSS6.9AI score0.10608EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2021/04/27 12:0 a.m.7 views

The vulnerability of the FileNameUtils.normalize method in the Apache Commons IO library allows a hacker to gain unauthorized access to protected information.

The vulnerability of the FileNameUtils.normalize method in the Apache Commons IO library is related to errors in processing sequence walks through directories, such as “//../foo” or “..foo”. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to...

5.3CVSS6.6AI score0.10608EPSS
Exploits1References16Affected Software8
CNVD
CNVD
added 2021/04/23 12:0 a.m.10 views

Apache Commons IO Path Traversal Vulnerability

Apache Commons IO is an application from the American Apache Foundation Apache Inc. It can help develop IO functionality. A path traversal vulnerability exists in Apache Commons IO versions 2.2 through 2.6. The vulnerability is related to the FileNameUtils.normalize method. An attacker can exploi...

5.8CVSS7AI score0.10608EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/04/13 6:50 a.m.23 views

CVE-2021-29425 Possible limited path traversal vulnerabily in Apache Commons IO

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path traversal,...

6.7AI score0.10608EPSS
Exploits1References47
CNNVD
CNNVD
added 2021/04/12 12:0 a.m.4 views

Apache Commons IO 路径遍历漏洞

Apache Commons IO is an application from the American Apache Foundation Apache Inc. It can help develop IO functionality. A path traversal vulnerability exists in Apache Commons IO versions 2.2 through 2.6. The vulnerability is related to the FileNameUtils.normalize method. An attacker can exploi...

5.8CVSS8.1AI score0.10608EPSS
Exploits1References107
Rows per page
Query Builder