java-commons-io

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description IO related classes for Java.
Version 2.8.0-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1805 2.6-2 2.8.0-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-29425 AVG-1805 Medium Yes Directory traversal
In Apache Commons IO before 2.7, when invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result...