Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:29972
HistoryApr 13, 2021 - 6:39 a.m.

Directory Traversal

2021-04-1306:39:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
47
commons-io
directory traversal
malicious input
parent directory
software

EPSS

0.002

Percentile

57.2%

commons-io is vulnerable to directory traversal. Invoking the method FileNameUtils.normalize with a malicious input string would potentially allow access to files within the parent directory.

References