2 matches found
CVE-2025-27553
CVE-2025-27553: Relative Path Traversal in Apache Commons VFS (FileObject.resolveFile with NameScope.DESCENDENT) can bypass descendent checks when paths contain encoded ".."; affected up to Commons VFS 2.9.x, fixed in 2.10.0. IBM bulletin aligns this vulnerability with IBM Content Collector for S...
CVE-2025-30474
CVE-2025-30474 is corroborated by IBM Content Collector for SAP security bulletin: exposure of sensitive information via error messages in Apache Commons VFS (FtpFileObject may reveal the original URI, potentially containing a password). Impact is limited to affected versions (Apache Commons VFS ...