Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ApacheCommons Io

2 matches found

CVE
CVEadded 2021/04/13 6:50 a.m.623 views

CVE-2021-29425

CVE-2021-29425 affects Apache Commons IO up to version 2.6, specifically FileNameUtils.normalize. With inputs such as "//../foo" or "\..\foo", normalization can yield a value that does not escape to higher directories, potentially enabling access to the parent directory if the resulting path is u...

5.8CVSS6.7AI score0.00606EPSS
In wild
CVE
CVEadded 2024/10/03 11:32 a.m.349 views

CVE-2024-47554

CVE-2024-47554 affects Apache Commons IO. An Uncontrolled Resource Consumption issue in XmlStreamReader may cause high CPU use when processing malicious input. Vulnerable version range: 2.0 <= v

4.3CVSS6.5AI score0.00127EPSS